Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Rundll32.exe at almost 100% CPU Usage [RESOLVED]

Started by rotterdam , Aug 18 2008 03:03 AM

This topic is locked

#1
rotterdam

Posted 18 August 2008 - 03:03 AM

Member

Member
13 posts

Dear Sirs,

I have a strange problem with my notebook. (A IBM Thinkpad t41) Lately my HD crashed so i had it replaced. Of course i had to re-install all the programs. However, after i did that, my computer really became slow. The problems lies -i think- in the fact that the Rundll32.exe uses all the CPU power. I can put it on a low priority and then other programs do work, however it is very annoying. Of course i did went to the other messages here, because i am not the first to encounter the problem. Unfortunately i am not that much of an expert and i could not find the solution. I did made a logfile (while the problems is occuring) with hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:08, on 18-8-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP3 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\MAURIC~1\LOCALS~1\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [UC_Start] C:\IBMTools\Updater\ucstartup.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1214843449520
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

--
End of file - 7364 bytes
Of course i run:

virusscanners (one by one)
speedupmypc
Adware
spybot in both modes

EDIT: I also ran a VundoFix scan - nothing found as well..

I hope any of you experts could have a look at it. Perhaps you see what is wrong. I could not see 'when' this occurs. There seems to be no specific reason. I also checked this topic, but it seems that is something different, as my problems doesn't stop after 20 minutes or so.

Thanks you very much.

regards!

Edited by rotterdam, 18 August 2008 - 03:13 AM.

#2
Mike

Posted 22 August 2008 - 10:46 AM

Malware Monger

Retired Staff
2,745 posts

Hi there,

Sorry for the big delay.

Please download OTViewIt by OldTimer.
Double click on OTViewIt.exe and select Scan in the upper right corner.
In a few minutes a notepad file will appear, please post the contents of that here in your next post.

And,

Click on your favourite web browser (Internet Explorer, Firefox, etc) and select Run As Administrator to run it.

Download the latest version of Java Runtime Environment (JRE) 6 Update 7. Once done, uninstall any older versions of Java through add or remove programs.

Go to Kaspersky website and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
  Archives
  Mail databases
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.

#3
rotterdam

Posted 25 August 2008 - 03:48 AM

Member

Topic Starter
Member
13 posts

Hi there! thanks for your reply!

i did the things you advised me to do.

And the Kaspersky scan actually found two things! But i am not sure wether they are actually real virus or other evil stuff..

here's the report:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, August 24, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, August 23, 2008 13:54:09
Records in database: 1133192
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Files scanned: 63878
Threat name: 2
Infected objects: 3
Suspicious objects: 0
Duration of the scan: 02:21:57

File name / Threat name / Threats count
C:\IBMTOOLS\APPS\RRPC\RRPC\superinstall.EXE Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 2
C:\System Volume Information\_restore{47315DE9-7B76-4761-8190-8D72AAA58ACF}\RP93\A0010553.exe Infected: not-a-virus:FraudTool.Win32.SpyNoMore.g 1

The selected area was scanned.
-------------------------------------------------------------------------------

Perhaps you can see?

thanks again!!

#4
Mike

Posted 25 August 2008 - 04:03 AM

Malware Monger

Retired Staff
2,745 posts

The two things that kaspersky found aren't bad

Download OTViewIt to your desktop.

Close all windows and open it
Click Run Scan and let the program run uninterrupted
It will produce two logs for you, one will pop up called OTViewIt.txt, the other will be saved on your desktop and called Extras. Post both those logs here.
You may need to use two posts to get it all on the forum

Edited by Mike, 25 August 2008 - 04:04 AM.

#5
rotterdam

Posted 25 August 2008 - 04:52 AM

Member

Topic Starter
Member
13 posts

I'll try that when i'm back from vacation!!

thanks!

#6
Mike

Posted 25 August 2008 - 08:11 AM

Malware Monger

Retired Staff
2,745 posts

If you find your thread has been closed, please just PM me and I'll reopen it.

have a good trip!

Mike

#7
Mike

Posted 26 August 2008 - 08:48 AM

Malware Monger

Retired Staff
2,745 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

#8
Mike

Posted 01 September 2008 - 03:08 AM

Malware Monger

Retired Staff
2,745 posts

Opened at topic starters request

Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

#9
rotterdam

Posted 01 September 2008 - 05:04 AM

Member

Topic Starter
Member
13 posts

Hi again!

thanks for the fast action.

*I have changed a few things in the file with my name in it*

First file:

OTViewIt logfile created on: 1-9-2008 13:00:01 - Run 6
OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\MYNAME\Mijn documenten\temp
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

766,92 Mb Total Physical Memory | 446,50 Mb Available Physical Memory | 58,22% Memory free
1,83 Gb Paging File | 1,57 Gb Available in Paging File | 85,47% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 58,97 Gb Free Space | 79,13% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MYCOMPUTER
Current User Name: MYNAME
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[02-26-2004 10:26 AM | 00,057,344 | ---- | M] () - C:\WINDOWS\system32\ibmpmsvc.exe
[09-12-2003 06:39 AM | 00,323,584 | ---- | M] () - C:\WINDOWS\system32\ati2evxx.exe
[09-12-2003 06:39 AM | 00,323,584 | ---- | M] () - C:\WINDOWS\system32\ati2evxx.exe
[08-28-2003 08:11 PM | 00,110,592 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[09-04-2003 08:03 AM | 00,077,824 | ---- | M] () - C:\WINDOWS\system32\TpShocks.exe
[08-07-2004 04:26 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
[08-18-2004 12:30 PM | 00,708,608 | ---- | M] (IBM Corp.) - C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
[08-18-2004 12:30 PM | 00,081,920 | ---- | M] (IBM Corp.) - C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
[07-16-2004 06:51 AM | 00,077,824 | ---- | M] () - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
[01-11-2002 12:01 AM | 00,065,536 | ---- | M] (IBM Corporation) - C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
[07-18-2003 11:02 AM | 00,208,896 | ---- | M] (IBM Corp.) - C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe
[06-27-2003 05:53 PM | 00,088,363 | ---- | M] (Agere Systems) - C:\WINDOWS\AGRSMMSG.exe
[09-06-2005 02:45 PM | 00,820,736 | ---- | M] (Nokia Mobile Phones Ltd.) - C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
[05-02-2008 02:44 AM | 00,805,392 | ---- | M] (Logitech, Inc.) - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[05-02-2008 02:40 AM | 00,076,304 | ---- | M] (Logitech, Inc.) - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
[08-30-2005 11:31 AM | 00,118,272 | ---- | M] (Nokia.) - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
[08-18-2004 12:30 PM | 00,073,728 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\QCONSVC.EXE
[07-12-2003 03:19 AM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe
[07-17-2004 05:24 AM | 00,036,864 | ---- | M] () - C:\WINDOWS\system32\acs.exe
[07-18-2008 01:24 PM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe

===== Win32 Services - Non-Microsoft Only =====

(ACS) ACU Configuration Service [On_Demand | Running]
[07-17-2004 05:24 AM | 00,036,864 | ---- | M] () - C:\WINDOWS\system32\acs.exe

(Ati HotKey Poller) Ati HotKey Poller [Auto | Running]
[09-12-2003 06:39 AM | 00,323,584 | ---- | M] () - C:\WINDOWS\system32\ati2evxx.exe

(IBMPMSVC) IBM PM Service [Auto | Running]
[02-26-2004 10:26 AM | 00,057,344 | ---- | M] () - C:\WINDOWS\system32\ibmpmsvc.exe

(LBTServ) Logitech Bluetooth Service [On_Demand | Stopped]
[05-02-2008 02:42 AM | 00,121,360 | ---- | M] (Logitech, Inc.) - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

(QCONSVC) QCONSVC [Auto | Running]
[08-18-2004 12:30 PM | 00,073,728 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\QCONSVC.EXE

(TpKmpSVC) IBM KCU Service [Auto | Running]
[07-12-2003 03:19 AM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe

===== Driver Services - Non-Microsoft Only =====

(ac97intc) Intel® 82801 Audio Driver Install Service (WDM) [On_Demand | Stopped]
[08-18-2001 05:20 AM | 00,096,256 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ac97intc.sys

(AgereSoftModem) Agere Systems Soft Modem [On_Demand | Running]
[06-27-2003 05:53 PM | 01,196,352 | ---- | M] (Agere Systems) - C:\WINDOWS\system32\drivers\AGRSM.sys

(ANC) ANC [System | Running]
[08-18-2004 12:30 PM | 00,011,520 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\drivers\ANC.sys

(AR5211) Dual-band Wi-Fi Wireless Mini PCI Adapter [On_Demand | Running]
[07-23-2004 03:41 AM | 00,393,408 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\ar5211.sys

(E1000) Intel® PRO/1000 Adapter Driver [On_Demand | Running]
[06-13-2003 06:39 PM | 00,104,448 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\e1000325.sys

(E100B) Intel® PRO Adapter-stuurprogramma [On_Demand | Stopped]
[09-07-2001 04:49 AM | 00,117,760 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\e100b325.sys

(IBMPMDRV) IBMPMDRV [On_Demand | Running]
[02-26-2004 10:26 AM | 00,011,344 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\drivers\ibmpmdrv.sys

(IBMTPCHK) IBMTPCHK [System | Running]
[08-18-2004 12:30 PM | 00,002,432 | ---- | M] () - C:\WINDOWS\system32\drivers\IBMBLDID.SYS

(LHidFilt) Logitech SetPoint KMDF HID Filter Driver [On_Demand | Running]
[02-29-2008 03:13 AM | 00,035,344 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LHidFilt.Sys

(LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [On_Demand | Running]
[02-29-2008 03:13 AM | 00,036,880 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LMouFilt.Sys

(LucentSoftModem) Lucent Technologies Soft Modem [On_Demand | Stopped]
[08-18-2001 06:28 AM | 00,802,683 | ---- | M] (Lucent Technologies) - C:\WINDOWS\system32\drivers\LTSM.sys

(LUsbFilt) Logitech SetPoint KMDF USB Filter [On_Demand | Stopped]
[02-29-2008 03:13 AM | 00,028,944 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LUsbFilt.sys

(mraid35x) mraid35x [Disabled | Stopped]
[08-18-2001 06:52 AM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys

(NSCIRDA) Stuurprogramma voor NSC-infraroodapparaat [On_Demand | Running]
[04-13-2008 08:54 PM | 00,028,672 | ---- | M] (National Semiconductor Corporation) - C:\WINDOWS\system32\drivers\nscirda.sys

(QCNDISIF) QCNDISIF [On_Demand | Stopped]
[08-18-2004 12:30 PM | 00,012,288 | ---- | M] (IBM Corporation.) - C:\WINDOWS\system32\drivers\qcndisif.sys

(ShockMgr) ShockMgr [Auto | Running]
[07-24-2003 10:26 PM | 00,004,225 | ---- | M] (IBM Corporation) - C:\WINDOWS\System32\drivers\ShockMgr.sys

(Shockprf) Shockprf [Boot | Running]
[09-11-2003 07:03 PM | 00,052,136 | ---- | M] (IBM Corporation) - C:\WINDOWS\System32\drivers\shockprf.sys

(Sparrow) Sparrow [Disabled | Stopped]
[08-18-2001 07:07 AM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys

(SynTP) Synaptics TouchPad Driver [On_Demand | Running]
[08-28-2003 07:50 PM | 00,270,288 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys

(TDSMAPI) TDSMAPI [System | Running]
[07-03-2003 10:34 AM | 00,008,830 | ---- | M] () - C:\WINDOWS\system32\drivers\TDSMAPI.SYS

(TPHKDRV) TPHKDRV [System | Running]
[06-10-2004 05:19 AM | 00,016,340 | ---- | M] (IBM Corporation) - C:\WINDOWS\System32\drivers\TPHKDRV.sys

(TPPWR) TPPWR [System | Running]
[07-11-2003 10:34 AM | 00,015,360 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\drivers\TPPWR.SYS

(TSMAPIP) TSMAPIP [System | Running]
[09-12-2003 11:21 AM | 00,007,168 | ---- | M] () - C:\WINDOWS\system32\drivers\TSMAPIP.SYS

(TwoTrack) Stuurprogramma voor IBM PS/2 TrackPoint Filter [On_Demand | Stopped]
[08-18-2001 06:48 AM | 00,011,520 | ---- | M] (IBM Corporation) - C:\WINDOWS\system32\drivers\TwoTrack.sys

(upperdev) upperdev [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG" = AGRSMMSG.exe [06-27-2003 05:53 PM | 00,088,363 | ---- | M] (Agere Systems)
"ATIModeChange" = Ati2mdxx.exe [09-05-2001 01:24 AM | 00,028,672 | ---- | M] (ATI Technologies, Inc.)
"ATIPTA" = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [09-12-2003 06:10 AM | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
"BMMGAG" = RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor [07-11-2003 10:34 AM | 00,094,208 | ---- | M] (IBM Corp.)
"BMMLREF" = C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE [07-11-2003 10:34 AM | 00,020,480 | ---- | M] ()
"DataLayer" = C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [09-06-2005 02:45 PM | 00,820,736 | ---- | M] (Nokia Mobile Phones Ltd.)
"EZEJMNAP" = C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [07-18-2003 11:02 AM | 00,208,896 | ---- | M] (IBM Corp.)
"Kernel and Hardware Abstraction Layer" = KHALMNPR.EXE [02-29-2008 03:12 AM | 00,076,304 | ---- | M] (Logitech, Inc.)
"MSPY2002" = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [08-03-2004 10:31 PM | 00,059,392 | ---- | M] ()
"QCTRAY" = C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE [08-18-2004 12:30 PM | 00,708,608 | ---- | M] (IBM Corp.)
"QCWLICON" = C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE [08-18-2004 12:30 PM | 00,081,920 | ---- | M] (IBM Corp.)
"S3TRAY2" = S3Tray2.exe [10-12-2001 07:32 AM | 00,069,632 | ---- | M] (S3 Graphics, Inc.)
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06-10-2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"SynTPLpr" = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [08-28-2003 08:11 PM | 00,110,592 | ---- | M] (Synaptics, Inc.)
"TP4EX" = tp4ex.exe [09-04-2002 10:05 AM | 00,053,248 | ---- | M] (IBM Corporation)
"TPHOTKEY" = C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [08-07-2004 04:26 AM | 00,094,208 | ---- | M] ()
"TPKMAPHELPER" = C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper [09-02-2003 10:56 PM | 00,897,024 | ---- | M] (IBM Corp.)
"TpShocks" = TpShocks.exe [09-04-2003 08:03 AM | 00,077,824 | ---- | M] ()
"UC_Start" = C:\IBMTools\Updater\ucstartup.exe [03-18-2003 12:27 AM | 00,032,768 | ---- | M] ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue RegistryBooster 2" = C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [07-08-2008 03:05 PM | 01,923,352 | ---- | M] (Uniblue Software)
"Uniblue SpeedUpMyPC" = C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s [01-29-2008 09:46 AM | 09,442,584 | ---- | M] (Uniblue Software)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
[05-02-2008 02:44 AM | 00,805,392 | ---- | M] (Logitech, Inc.) - C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

[MYNAME Startup Folder - C:\Documents and Settings\MYNAME\Menu Start\Programma's\Opstarten]

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Help bij koppelingen) - [10-22-2006 11:08 PM | 00,062,080 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [06-10-2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

========== Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

========== AppInit_Dlls ==========

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [04-14-2008 07:02 PM | 01,037,312 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [04-14-2008 07:03 PM | 00,026,112 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [04-14-2008 07:03 PM | 00,515,072 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [04-14-2008 07:02 PM | 08,508,416 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [04-14-2008 07:03 PM | 00,304,640 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DllName" = C:\WINDOWS\system32\ati2evxx.dll [09-12-2003 06:39 AM | 00,086,016 | ---- | M] ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
"DllName" = c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll [05-02-2008 02:42 AM | 00,072,208 | ---- | M] (Logitech, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
"DllName" = C:\WINDOWS\system32\QConGina.dll [08-18-2004 12:30 PM | 00,258,048 | ---- | M] (IBM Corp.)

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "Mijn huidige introductiepagina"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c385fb20-7744-11dd-af46-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee790-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee791-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee792-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee793-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{0569057F-D6EA-4AA9-946F-2F7AFF8BBBBD}]
Servers: | Description: Intel® PRO/1000 MT Mobile Connection

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{0A6D6E57-57E2-4157-BE86-8B2060665D57}]
Servers: | Description: 11a/b/g Wireless LAN Mini PCI Adapter II

========== Hosts File ==========

HOSTS File = (776 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== Files/Folders - Created Within 90 days ==========

[06-30-2008 06:33 PM | RH-D | C] - C:\MSOCache
[06-30-2008 08:29 PM | 00,000,000 | RHS- | C] () - C:\MSDOS.SYS
[06-30-2008 08:30 PM | ---D | C] - C:\VanDale
[06-30-2008 08:33 PM | -HSD | C] - C:\RECYCLER
[07-01-2008 02:08 AM | ---D | C] - C:\IBMTOOLS
[07-01-2008 02:33 AM | ---D | C] - C:\DRIVERS
[07-01-2008 02:34 AM | 00,001,138 | ---- | C] () - C:\SYSLEVEL.IBM
[07-01-2008 03:48 AM | 80,424,5504 | -HS- | C] () - C:\hiberfil.sys
[07-01-2008 03:57 AM | 00,000,000 | -H-- | C] () - C:\AUTOEXEC.BAT
[07-01-2008 04:00 AM | ---D | C] - C:\icons
[07-01-2008 04:08 AM | -HSD | C] - C:\Recycled
[07-08-2008 10:56 AM | 00,000,629 | ---- | C] () - C:\index.html
[08-18-2008 11:06 AM | ---D | C] - C:\VundoFix Backups
[08-24-2008 06:24 PM | ---D | C] - C:\pics flo
[06-30-2008 06:57 PM | 00,000,403 | ---- | C] () - C:\WINDOWS\System32\dllcache\npdrmv2.zip
[06-30-2008 06:57 PM | 00,000,717 | ---- | C] () - C:\WINDOWS\System32\dllcache\cloapp.gif
[06-30-2008 06:57 PM | 00,000,726 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst15.wpl
[06-30-2008 06:57 PM | 00,000,760 | ---- | C] () - C:\WINDOWS\System32\dllcache\cloapph.gif
[06-30-2008 06:57 PM | 00,000,772 | ---- | C] () - C:\WINDOWS\System32\dllcache\cntd.gif
[06-30-2008 06:57 PM | 00,000,773 | ---- | C] () - C:\WINDOWS\System32\dllcache\cnt.gif
[06-30-2008 06:57 PM | 00,000,773 | ---- | C] () - C:\WINDOWS\System32\dllcache\cnth.gif
[06-30-2008 06:57 PM | 00,000,782 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst14.wpl
[06-30-2008 06:57 PM | 00,000,786 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst9.wpl
[06-30-2008 06:57 PM | 00,000,789 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst13.wpl
[06-30-2008 06:57 PM | 00,000,801 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst10.wpl
[06-30-2008 06:57 PM | 00,000,804 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst11.wpl
[06-30-2008 06:57 PM | 00,000,999 | ---- | C] () - C:\WINDOWS\System32\dllcache\bktrh.gif
[06-30-2008 06:57 PM | 00,001,043 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst8.wpl
[06-30-2008 06:57 PM | 00,001,048 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst7.wpl
[06-30-2008 06:57 PM | 00,001,051 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst2.wpl
[06-30-2008 06:57 PM | 00,001,148 | ---- | C] () - C:\WINDOWS\System32\dllcache\snd.htm
[06-30-2008 06:57 PM | 00,001,251 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst1.wpl
[06-30-2008 06:57 PM | 00,001,367 | ---- | C] () - C:\WINDOWS\System32\dllcache\taoffh.gif
[06-30-2008 06:57 PM | 00,001,380 | ---- | C] () - C:\WINDOWS\System32\dllcache\taoff.gif
[06-30-2008 06:57 PM | 00,001,380 | ---- | C] () - C:\WINDOWS\System32\dllcache\taonh.gif
[06-30-2008 06:57 PM | 00,001,398 | ---- | C] () - C:\WINDOWS\System32\dllcache\taon.gif
[06-30-2008 06:57 PM | 00,001,453 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst4.wpl
[06-30-2008 06:57 PM | 00,001,460 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst12.wpl
[06-30-2008 06:57 PM | 00,001,471 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst3.wpl
[06-30-2008 06:57 PM | 00,001,474 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst6.wpl
[06-30-2008 06:57 PM | 00,001,476 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst5.wpl
[06-30-2008 06:57 PM | 00,001,771 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmptour.css
[06-30-2008 06:57 PM | 00,001,774 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpocm.inf
[06-30-2008 06:57 PM | 00,001,818 | ---- | C] () - C:\WINDOWS\System32\dllcache\skins.inf
[06-30-2008 06:57 PM | 00,002,371 | ---- | C] () - C:\WINDOWS\System32\dllcache\tpauseh.gif
[06-30-2008 06:57 PM | 00,002,375 | ---- | C] () - C:\WINDOWS\System32\dllcache\tplayh.gif
[06-30-2008 06:57 PM | 00,002,450 | ---- | C] () - C:\WINDOWS\System32\dllcache\tpause.gif
[06-30-2008 06:57 PM | 00,002,469 | ---- | C] () - C:\WINDOWS\System32\dllcache\tplay.gif
[06-30-2008 06:57 PM | 00,002,477 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm5.gif
[06-30-2008 06:57 PM | 00,002,545 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplogo.gif
[06-30-2008 06:57 PM | 00,002,778 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplogoh.gif
[06-30-2008 06:57 PM | 00,003,187 | ---- | C] () - C:\WINDOWS\System32\dllcache\tour.js
[06-30-2008 06:57 PM | 00,004,193 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm8.gif
[06-30-2008 06:57 PM | 00,005,290 | ---- | C] () - C:\WINDOWS\System32\dllcache\vidsamp.gif
[06-30-2008 06:57 PM | 00,005,789 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm1.gif
[06-30-2008 06:57 PM | 00,005,971 | ---- | C] () - C:\WINDOWS\System32\dllcache\events.js
[06-30-2008 06:57 PM | 00,006,060 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm6.gif
[06-30-2008 06:57 PM | 00,006,241 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm3.gif
[06-30-2008 06:57 PM | 00,007,369 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm4.gif
[06-30-2008 06:57 PM | 00,007,636 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm2.gif
[06-30-2008 06:57 PM | 00,007,892 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm9.gif
[06-30-2008 06:57 PM | 00,008,677 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm7.gif
[06-30-2008 06:57 PM | 00,009,585 | ---- | C] () - C:\WINDOWS\System32\dllcache\controls.css
[06-30-2008 06:57 PM | 00,013,540 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmfsdk.inf
[06-30-2008 06:57 PM | 00,017,489 | ---- | C] () - C:\WINDOWS\System32\dllcache\videobg.gif
[06-30-2008 06:57 PM | 00,022,060 | ---- | C] () - C:\WINDOWS\System32\dllcache\npds.zip
[06-30-2008 06:57 PM | 00,023,829 | ---- | C] () - C:\WINDOWS\System32\dllcache\tourbg.gif
[06-30-2008 06:57 PM | 00,026,500 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplay.chm
[06-30-2008 06:57 PM | 00,034,558 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmdm.inf
[06-30-2008 06:57 PM | 00,036,620 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplayer2.inf
[06-30-2008 06:57 PM | 00,059,392 | ---- | C] () - C:\WINDOWS\System32\dllcache\imscinst.exe
[06-30-2008 06:57 PM | 00,066,137 | ---- | C] () - C:\WINDOWS\System32\dllcache\revert.wmz
[06-30-2008 06:57 PM | 00,074,046 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplayer.adm
[06-30-2008 06:57 PM | 00,082,771 | ---- | C] () - C:\WINDOWS\System32\dllcache\plyr_err.chm
[06-30-2008 06:57 PM | 00,086,180 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud2.wav
[06-30-2008 06:57 PM | 00,086,180 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud4.wav
[06-30-2008 06:57 PM | 00,086,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud5.wav
[06-30-2008 06:57 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud3.wav
[06-30-2008 06:57 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud8.wav
[06-30-2008 06:57 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud9.wav
[06-30-2008 06:57 PM | 00,184,094 | ---- | C] () - C:\WINDOWS\System32\dllcache\compact.wmz
[06-30-2008 06:57 PM | 00,196,665 | ---- | C] () - C:\WINDOWS\System32\dllcache\imjpinst.exe
[06-30-2008 06:57 PM | 00,343,204 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud6.wav
[06-30-2008 06:57 PM | 00,343,204 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud7.wav
[06-30-2008 06:57 PM | 00,354,468 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud1.wav
[06-30-2008 06:57 PM | 00,652,190 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplayer.chm
[07-01-2008 03:40 AM | 00,007,334 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmerrenu.cat
[07-01-2008 03:40 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\dllcache\netwlan5.img
[07-04-2008 10:15 AM | 00,108,827 | ---- | C] () - C:\WINDOWS\System32\dllcache\hanja.lex
[07-04-2008 10:15 AM | 00,134,339 | ---- | C] () - C:\WINDOWS\System32\dllcache\imekr.lex
[07-04-2008 10:15 AM | 01,158,818 | ---- | C] () - C:\WINDOWS\System32\dllcache\korwbrkr.lex
[07-01-2008 03:40 AM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod
[07-01-2008 03:40 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img
[07-01-2008 03:40 AM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty
[07-01-2008 03:50 AM | 00,000,000 | RH-- | C] () - C:\WINDOWS\System32\drivers\IBM_2374_N09_TP.MRK
[07-01-2008 03:50 AM | 00,004,225 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\drivers\ShockMgr.sys
[07-01-2008 03:50 AM | 00,052,136 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\drivers\shockprf.sys
[07-01-2008 03:51 AM | 00,015,360 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\drivers\TPPWR.SYS
[07-01-2008 03:51 AM | 00,393,408 | ---- | C] (Atheros Communications, Inc.) - C:\WINDOWS\System32\drivers\ar5211.sys
[07-01-2008 03:52 AM | 00,002,432 | ---- | C] () - C:\WINDOWS\System32\drivers\IBMBLDID.SYS
[07-01-2008 03:52 AM | 00,008,830 | ---- | C] () - C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[07-01-2008 03:52 AM | 00,011,520 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\drivers\ANC.sys
[07-01-2008 03:52 AM | 00,012,288 | ---- | C] (IBM Corporation.) - C:\WINDOWS\System32\drivers\qcndisif.sys
[07-01-2008 03:53 AM | 00,007,168 | ---- | C] () - C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[07-01-2008 04:23 AM | 00,000,047 | ---- | C] () - C:\WINDOWS\System32\drivers\IBM_2374_N09.MRK
[07-12-2008 12:40 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[07-14-2008 10:51 AM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[07-20-2008 04:43 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[1 C:\WINDOWS\System32\*.tmp files]
[06-30-2008 06:31 PM | ---D | C] - C:\WINDOWS\System32\SoftwareDistribution
[06-30-2008 06:34 PM | ---D | C] - C:\WINDOWS\System32\PreInstall
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\System32\bits
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\System32\nl
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\System32\nl-nl
[06-30-2008 09:19 PM | 00,000,565 | ---- | C] () - C:\WINDOWS\System32\mapisvc.inf
[06-30-2008 09:19 PM | 00,000,581 | ---- | C] () - C:\WINDOWS\System32\msft.mib
[06-30-2008 09:19 PM | 00,000,698 | ---- | C] () - C:\WINDOWS\System32\inetsrv.mib
[06-30-2008 09:19 PM | 00,001,361 | ---- | C] () - C:\WINDOWS\System32\fxscount.h
[06-30-2008 09:19 PM | 00,003,717 | ---- | C] () - C:\WINDOWS\System32\fxsperf.ini
[06-30-2008 09:19 PM | 00,004,332 | ---- | C] () - C:\WINDOWS\System32\smi.mib
[06-30-2008 09:19 PM | 00,004,597 | ---- | C] () - C:\WINDOWS\System32\dhcp.mib
[06-30-2008 09:19 PM | 00,006,179 | ---- | C] () - C:\WINDOWS\System32\ftp.mib
[06-30-2008 09:19 PM | 00,010,313 | ---- | C] () - C:\WINDOWS\System32\mripsap.mib
[06-30-2008 09:19 PM | 00,013,767 | ---- | C] () - C:\WINDOWS\System32\msipbtp.mib
[06-30-2008 09:19 PM | 00,015,597 | ---- | C] () - C:\WINDOWS\System32\accserv.mib
[06-30-2008 09:19 PM | 00,015,799 | ---- | C] () - C:\WINDOWS\System32\ipforwd.mib
[06-30-2008 09:19 PM | 00,016,617 | ---- | C] () - C:\WINDOWS\System32\authserv.mib
[06-30-2008 09:19 PM | 00,020,079 | ---- | C] () - C:\WINDOWS\System32\http.mib
[06-30-2008 09:19 PM | 00,021,386 | ---- | C] () - C:\WINDOWS\System32\mipx.mib
[06-30-2008 09:19 PM | 00,026,100 | ---- | C] () - C:\WINDOWS\System32\lmmib2.mib
[06-30-2008 09:19 PM | 00,026,236 | ---- | C] () - C:\WINDOWS\System32\wins.mib
[06-30-2008 09:19 PM | 00,030,448 | ---- | C] () - C:\WINDOWS\System32\mcastmib.mib
[06-30-2008 09:19 PM | 00,034,317 | ---- | C] () - C:\WINDOWS\System32\msiprip2.mib
[06-30-2008 09:19 PM | 00,038,608 | ---- | C] () - C:\WINDOWS\System32\nipx.mib
[06-30-2008 09:19 PM | 00,048,593 | ---- | C] () - C:\WINDOWS\System32\hostmib.mib
[06-30-2008 09:19 PM | 00,049,275 | ---- | C] () - C:\WINDOWS\System32\wfospf.mib
[06-30-2008 09:19 PM | 00,107,882 | ---- | C] () - C:\WINDOWS\System32\mib_ii.mib
[06-30-2008 09:19 PM | ---D | C] - C:\WINDOWS\System32\FxsTmp
[06-30-2008 09:23 PM | ---D | C] - C:\WINDOWS\System32\appmgmt
[07-01-2008 02:34 AM | 00,002,211 | ---- | C] () - C:\WINDOWS\System32\OEMINFO.INI
[07-01-2008 03:40 AM | 00,118,272 | ---- | C] () - C:\WINDOWS\System32\mpeg2data.ax
[07-01-2008 03:40 AM | 00,120,320 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir41_qc.dll
[07-01-2008 03:40 AM | 00,154,624 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\ivfsrc.ax
[07-01-2008 03:40 AM | 00,183,808 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir50_qcx.dll
[07-01-2008 03:40 AM | 00,199,680 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\iac25_32.ax
[07-01-2008 03:40 AM | 00,200,192 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir50_qc.dll
[07-01-2008 03:40 AM | 00,338,432 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir41_qcx.dll
[07-01-2008 03:40 AM | 00,755,200 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\ir50_32.dll
[07-01-2008 03:40 AM | 00,848,384 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\ir41_32.ax
[07-01-2008 03:41 AM | 00,053,248 | ---- | C] () - C:\WINDOWS\System32\vbicodec.ax
[07-01-2008 03:41 AM | 00,164,352 | ---- | C] () - C:\WINDOWS\System32\wstpager.ax
[07-01-2008 03:41 AM | 00,239,616 | ---- | C] () - C:\WINDOWS\System32\wstrenderer.ax
[07-01-2008 03:45 AM | 00,000,333 | ---- | C] () - C:\WINDOWS\System32\$ncsp$.inf
[07-01-2008 03:50 AM | 00,002,193 | ---- | C] () - C:\WINDOWS\System32\TpShPrm.jpg
[07-01-2008 03:50 AM | 00,003,063 | ---- | C] () - C:\WINDOWS\System32\TpShPrm.hta
[07-01-2008 03:50 AM | 00,025,214 | ---- | C] () - C:\WINDOWS\System32\TpShocks.ICO
[07-01-2008 03:50 AM | 00,049,152 | ---- | C] () - C:\WINDOWS\System32\Sensor.dll
[07-01-2008 03:50 AM | 00,077,824 | ---- | C] () - C:\WINDOWS\System32\TpShocks.exe
[07-01-2008 03:50 AM | 00,106,496 | ---- | C] () - C:\WINDOWS\System32\TpShCPL.cpl
[07-01-2008 03:50 AM | 00,110,937 | ---- | C] () - C:\WINDOWS\System32\TpShPrm.gif
[07-01-2008 03:50 AM | 00,376,832 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\TpShCPL.dll
[07-01-2008 03:51 AM | 00,008,212 | ---- | C] () - C:\WINDOWS\System32\net5211.cat
[07-01-2008 03:51 AM | 00,025,495 | ---- | C] () - C:\WINDOWS\System32\net5211.inf
[07-01-2008 03:51 AM | 00,036,864 | ---- | C] () - C:\WINDOWS\System32\acs.exe
[07-01-2008 03:51 AM | 00,110,592 | ---- | C] () - C:\WINDOWS\System32\AegisI5.exe
[07-01-2008 03:51 AM | 00,118,784 | ---- | C] (Atheros) - C:\WINDOWS\System32\ATHCFG10.DLL
[07-01-2008 03:51 AM | 00,147,456 | ---- | C] () - C:\WINDOWS\System32\ssleay32.dll
[07-01-2008 03:51 AM | 00,393,408 | ---- | C] (Atheros Communications, Inc.) - C:\WINDOWS\System32\ar5211.sys
[07-01-2008 03:51 AM | 00,409,600 | ---- | C] (Atheros) - C:\WINDOWS\System32\athcfg11.dll
[07-01-2008 03:51 AM | 00,651,264 | ---- | C] () - C:\WINDOWS\System32\libeay32.dll
[07-01-2008 03:52 AM | 00,034,816 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\TP98.CPL
[07-01-2008 03:52 AM | 00,073,728 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\QCONSVC.EXE
[07-01-2008 03:52 AM | 00,258,048 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\QConGina.dll
[07-01-2008 03:52 AM | 00,282,624 | ---- | C] (IBM) - C:\WINDOWS\System32\tvt_gina_api.dll
[07-01-2008 03:52 AM | 00,573,440 | ---- | C] (IBM) - C:\WINDOWS\System32\tvt_gina.dll
[07-01-2008 03:53 AM | 00,004,458 | ---- | C] () - C:\WINDOWS\System32\TP4CLICK.WAV
[07-01-2008 03:53 AM | 00,005,928 | ---- | C] () - C:\WINDOWS\System32\TP4LATCH.WAV
[07-01-2008 03:53 AM | 00,008,264 | ---- | C] () - C:\WINDOWS\System32\TP4EX.HLP
[07-01-2008 03:53 AM | 00,032,768 | ---- | C] () - C:\WINDOWS\System32\TpKmpSvc.exe
[07-01-2008 03:53 AM | 00,049,152 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\tp4cross.exe
[07-01-2008 03:53 AM | 00,053,248 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\TP4EX.exe
[07-01-2008 03:53 AM | 00,053,248 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\TP4HOOK.dll
[07-01-2008 03:53 AM | 00,061,440 | ---- | C] () - C:\WINDOWS\System32\FPCALL.dll
[07-01-2008 03:53 AM | 00,061,440 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\tp4ex.cpl
[07-01-2008 03:54 AM | ---D | C] - C:\WINDOWS\System32\ReinstallBackups
[07-01-2008 03:58 AM | ---D | C] - C:\WINDOWS\System32\SBUtils
[07-01-2008 03:59 AM | 00,393,216 | ---- | C] (IBM) - C:\WINDOWS\System32\IBMJavaPlugin141.cpl
[07-01-2008 03:59 AM | ---D | C] - C:\WINDOWS\System32\thinkpad_features
[07-01-2008 04:23 AM | 00,000,010 | ---- | C] () - C:\WINDOWS\System32\firstboot.ibm
[07-04-2008 10:14 AM | 00,066,082 | ---- | C] () - C:\WINDOWS\System32\C_28596.NLS
[07-04-2008 10:15 AM | 00,000,520 | ---- | C] () - C:\WINDOWS\System32\dayiphr.tbl
[07-04-2008 10:15 AM | 00,000,700 | ---- | C] () - C:\WINDOWS\System32\dayiptr.tbl
[07-04-2008 10:15 AM | 00,001,460 | ---- | C] () - C:\WINDOWS\System32\a15.tbl
[07-04-2008 10:15 AM | 00,001,486 | ---- | C] () - C:\WINDOWS\System32\noise.kor
[07-04-2008 10:15 AM | 00,002,060 | ---- | C] () - C:\WINDOWS\System32\noise.jpn
[07-04-2008 10:15 AM | 00,002,714 | ---- | C] () - C:\WINDOWS\System32\phonptr.tbl
[07-04-2008 10:15 AM | 00,004,071 | ---- | C] () - C:\WINDOWS\System32\phon.tbl
[07-04-2008 10:15 AM | 00,014,821 | ---- | C] () - C:\WINDOWS\System32\PINTLPAD.HLP
[07-04-2008 10:15 AM | 00,016,254 | ---- | C] () - C:\WINDOWS\System32\PINTLPAE.HLP
[07-04-2008 10:15 AM | 00,016,312 | ---- | C] () - C:\WINDOWS\System32\arptr.tbl
[07-04-2008 10:15 AM | 00,018,600 | ---- | C] () - C:\WINDOWS\System32\arrayhw.tab
[07-04-2008 10:15 AM | 00,024,114 | ---- | C] () - C:\WINDOWS\System32\lcptr.tbl
[07-04-2008 10:15 AM | 00,043,242 | ---- | C] () - C:\WINDOWS\System32\phoncode.tbl
[07-04-2008 10:15 AM | 00,044,370 | ---- | C] () - C:\WINDOWS\System32\a234.tbl
[07-04-2008 10:15 AM | 00,044,370 | ---- | C] () - C:\WINDOWS\System32\acode.tbl
[07-04-2008 10:15 AM | 00,110,566 | ---- | C] () - C:\WINDOWS\System32\arphr.tbl
[07-04-2008 10:15 AM | 00,116,285 | ---- | C] () - C:\WINDOWS\System32\msdayi.tbl
[07-04-2008 10:15 AM | 00,146,126 | ---- | C] () - C:\WINDOWS\System32\array30.tab
[07-04-2008 10:15 AM | 00,211,938 | ---- | C] () - C:\WINDOWS\System32\lcphrase.tbl
[07-04-2008 10:15 AM | 01,158,818 | ---- | C] () - C:\WINDOWS\System32\korwbrkr.lex
[07-04-2008 10:15 AM | 01,223,500 | ---- | C] () - C:\WINDOWS\System32\WINZM.MB
[07-04-2008 10:15 AM | 01,564,868 | ---- | C] () - C:\WINDOWS\System32\WINSP.MB
[07-04-2008 10:15 AM | 01,783,864 | ---- | C] () - C:\WINDOWS\System32\WINPY.MB
[07-09-2008 02:22 PM | ---D | C] - C:\WINDOWS\System32\en-us
[07-09-2008 02:22 PM | ---D | C] - C:\WINDOWS\System32\XPSViewer
[07-12-2008 05:31 PM | 00,000,056 | -H-- | C] () - C:\WINDOWS\System32\ezsidmv.dat
[07-12-2008 07:31 PM | ---D | C] - C:\WINDOWS\System32\DRVSTORE
[07-12-2008 12:38 PM | 00,117,264 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\KemWnd.dll
[07-12-2008 12:38 PM | 00,145,936 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\KemUtil.dll
[07-12-2008 12:39 PM | 00,084,496 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\KemXML.dll
[07-12-2008 12:39 PM | 00,170,512 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\kemutb.dll
[07-20-2008 04:31 PM | 00,090,624 | ---- | C] (Nokia) - C:\WINDOWS\System32\nmwcdcls.dll
[07-20-2008 10:03 PM | 00,000,230 | ---- | C] () - C:\WINDOWS\System32\spupdsvc.inf
[06-30-2008 06:34 PM | -H-D | C] - C:\WINDOWS\$hf_mig$
[06-30-2008 06:37 PM | ---D | C] - C:\WINDOWS\SHELLNEW
[06-30-2008 06:41 PM | 00,000,395 | ---- | C] () - C:\WINDOWS\ODBC.INI
[06-30-2008 07:07 PM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$
[06-30-2008 07:12 PM | ---D | C] - C:\WINDOWS\network diagnostic
[06-30-2008 07:16 PM | ---D | C] - C:\WINDOWS\ServicePackFiles
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\l2schemas
[06-30-2008 07:27 PM | ---D | C] - C:\WINDOWS\Prefetch
[06-30-2008 07:35 PM | 00,000,000 | ---- | C] () - C:\WINDOWS\nsreg.dat
[06-30-2008 08:30 PM | 00,001,368 | ---- | C] () - C:\WINDOWS\vdgwwin.ini
[07-01-2008 03:39 AM | ---D | C] - C:\WINDOWS\EHome
[07-01-2008 03:40 AM | ---D | C] - C:\WINDOWS\peernet
[07-01-2008 03:40 AM | ---D | C] - C:\WINDOWS\provisioning
[07-01-2008 03:41 AM | 00,316,640 | ---- | C] () - C:\WINDOWS\WMSysPr9.prx
[07-01-2008 03:46 AM | ---D | C] - C:\WINDOWS\SoftwareDistribution
[07-01-2008 03:50 AM | 00,110,592 | ---- | C] () - C:\WINDOWS\_tpiu000.exe
[07-01-2008 03:51 AM | 00,184,320 | ---- | C] () - C:\WINDOWS\TPBATHLP.EXE
[07-01-2008 03:54 AM | ---D | C] - C:\WINDOWS\Options
[07-01-2008 03:58 AM | 00,000,023 | ---- | C] () - C:\WINDOWS\Welcome.ini
[07-01-2008 04:08 AM | 00,000,061 | ---- | C] () - C:\WINDOWS\smscfg.ini
[07-01-2008 08:32 AM | ---D | C] - C:\WINDOWS\Sun
[07-02-2008 09:13 AM | ---D | C] - C:\WINDOWS\pss
[07-09-2008 02:20 PM | ---D | C] - C:\WINDOWS\Microsoft.NET
[07-09-2008 02:21 PM | R-SD | C] - C:\WINDOWS\assembly
[07-20-2008 09:28 PM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[07-20-2008 09:29 PM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[07-20-2008 09:31 PM | ---D | C] - C:\WINDOWS\WBEM
[07-01-2008 03:51 AM | 00,000,314 | ---- | C] () - C:\WINDOWS\tasks\BMMTask.job
[07-11-2008 12:36 PM | 00,000,292 | ---- | C] () - C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[07-11-2008 12:36 PM | 00,000,414 | ---- | C] () - C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
[06-30-2008 06:35 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[06-30-2008 09:59 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\WLInstaller
[07-01-2008 03:59 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\ibm
[07-01-2008 04:01 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Symantec
[07-01-2008 11:33 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Adobe
[07-12-2008 05:29 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Skype
[07-12-2008 12:38 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Logitech
[07-12-2008 12:43 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\LogiShrd
[07-20-2008 04:30 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Installations
[07-20-2008 04:33 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Nokia
[07-20-2008 07:13 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\SecTaskMan
[07-20-2008 07:48 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[06-30-2008 07:35 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Mozilla
[06-30-2008 07:42 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Sun
[06-30-2008 10:26 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Adobe
[06-30-2008 10:26 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Macromedia
[07-01-2008 04:22 AM | 00,000,062 | -HS- | C] () - C:\Documents and Settings\MYNAME\Application Data\desktop.ini
[07-01-2008 04:22 AM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Identities
[07-01-2008 04:22 AM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Symantec
[07-01-2008 04:22 AM | --SD | C] - C:\Documents and Settings\MYNAME\Application Data\Microsoft
[07-02-2008 10:52 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\VanDale
[07-07-2008 10:35 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\InterVideo
[07-07-2008 11:06 AM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\EndNote
[07-08-2008 09:13 AM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\FileZilla
[07-11-2008 12:37 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Uniblue
[07-12-2008 05:30 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Skype
[07-12-2008 05:31 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\skypePM
[07-12-2008 12:37 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\InstallShield
[07-12-2008 12:42 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Logitech
[07-14-2008 01:43 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\OpenOffice.org2
[07-15-2008 10:28 AM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Ariane Software
[07-20-2008 04:41 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\PC Suite
[07-20-2008 04:45 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Nokia
[07-20-2008 07:15 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Help
[07-20-2008 07:48 PM | ---D | C] - C:\Documents and Settings\MYNAME\Application Data\Malwarebytes
[06-30-2008 07:35 PM | ---D | C] - C:\Documents and Settings\MYNAME\Local Settings\Application Data\Mozilla
[06-30-2008 10:17 PM | ---D | C] - C:\Documents and Settings\MYNAME\Local Settings\Application Data\PCHealth
[07-01-2008 04:22 AM | 00,013,104 | ---- | C] () - C:\Documents and Settings\MYNAME\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[07-01-2008 04:22 AM | 06,387,856 | -H-- | C] () - C:\Documents and Settings\MYNAME\Local Settings\Application Data\IconCache.db
[07-01-2008 04:22 AM | ---D | C] - C:\Documents and Settings\MYNAME\Local Settings\Application Data\Microsoft
[07-01-2008 11:34 AM | ---D | C] - C:\Documents and Settings\MYNAME\Local Settings\Application Data\Adobe
[07-03-2008 02:12 PM | ---D | C] - C:\Documents and Settings\MYNAME\Local Settings\Application Data\SupportSoft
[07-07-2008 10:34 PM | 00,020,480 | ---- | C] () - C:\Documents and Settings\MYNAME\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[07-20-2008 07:15 PM | ---D | C] - C:\Documents and Settings\MYNAME\Local Settings\Application Data\Help
[07-01-2008 03:47 AM | R--D | C] - C:\Documents and Settings\All Users\Documenten\Mijn video's
[06-30-2008 08:46 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Uren Transcore
[06-30-2008 10:11 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Rechten
[06-30-2008 10:19 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Mijn ontvangen bestanden
[07-01-2008 04:22 AM | 00,000,090 | -HS- | C] () - C:\Documents and Settings\MYNAME\Mijn documenten\desktop.ini
[07-01-2008 04:22 AM | R--D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Mijn afbeeldingen
[07-01-2008 04:22 AM | R--D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Mijn muziek
[07-08-2008 04:30 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\temp
[07-08-2008 09:16 AM | 03,228,057 | ---- | C] () - C:\Documents and Settings\MYNAME\Mijn documenten\FileZilla_3.0.11.1_win32-setup.exe
[07-08-2008 11:30 AM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Joomla
[07-11-2008 08:00 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\nokia
[07-12-2008 07:33 PM | 00,000,605 | ---- | C] () - C:\Documents and Settings\MYNAME\Mijn documenten\Mijn Gedeelde Mappen.lnk
[08-05-2008 04:06 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\Nieuwe map
[08-14-2008 08:45 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\werk
[08-19-2008 12:19 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\typo3
[08-31-2008 12:23 PM | ---D | C] - C:\Documents and Settings\MYNAME\Mijn documenten\TEXT LOSS
[06-30-2008 07:35 PM | 00,001,613 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Mozilla Firefox.lnk
[07-01-2008 04:00 AM | 00,001,627 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Access IBM.lnk
[07-09-2008 11:58 AM | 00,000,677 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Picasa2.lnk
[07-10-2008 01:28 PM | 00,000,576 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Erasmus.lnk
[07-12-2008 05:29 PM | 00,002,255 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Skype.lnk
[08-18-2008 09:15 PM | 01,567,232 | ---- | C] () - C:\Documents and Settings\MYNAME\Bureaublad\SteamInstall.msi
[08-18-2008 11:02 AM | 00,001,745 | ---- | C] () - C:\Documents and Settings\MYNAME\Bureaublad\HijackThis.lnk
[08-18-2008 11:12 AM | 00,641,975 | ---- | C] (EFD Software ) - C:\Documents and Settings\MYNAME\Bureaublad\hdtune_253.exe
[08-18-2008 12:24 PM | 00,013,824 | ---- | C] () - C:\Documents and Settings\MYNAME\Bureaublad\geneve.xls
[07-12-2008 12:39 PM | 00,001,698 | ---- | C] () - C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk
[07-01-2008 04:22 AM | 00,000,084 | -HS- | C] () - C:\Documents and Settings\MYNAME\Menu Start\Programma's\Opstarten\desktop.ini
[06-30-2008 06:38 PM | ---D | C] - C:\Program Files\Common Files\DESIGNER
[06-30-2008 09:59 PM | -HSD | C] - C:\Program Files\Common Files\WindowsLiveInstaller
[07-01-2008 03:50 AM | ---D | C] - C:\Program Files\Common Files\InstallShield
[07-01-2008 04:01 AM | ---D | C] - C:\Program Files\Common Files\Symantec Shared
[07-01-2008 06:38 PM | ---D | C] - C:\Program Files\Common Files\Wise Installation Wizard
[07-01-2008 11:33 AM | ---D | C] - C:\Program Files\Common Files\Adobe
[07-12-2008 05:29 PM | ---D | C] - C:\Program Files\Common Files\Skype
[07-12-2008 12:38 PM | ---D | C] - C:\Program Files\Common Files\Logishrd
[07-20-2008 04:30 PM | ---D | C] - C:\Program Files\Common Files\Nokia
[07-20-2008 04:39 PM | ---D | C] - C:\Program Files\Common Files\PCSuite
[07-20-2008 07:47 PM | ---D | C] - C:\Program Files\Common Files\Download Manager
[08-23-2008 04:18 PM | ---D | C] - C:\Program Files\Common Files\Java
[06-30-2008 06:35 PM | ---D | C] - C:\Program Files\Microsoft Office
[06-30-2008 06:37 PM | ---D | C] - C:\Program Files\Microsoft Visual Studio
[06-30-2008 06:38 PM | ---D | C] - C:\Program Files\Microsoft Works
[06-30-2008 06:39 PM | ---D | C] - C:\Program Files\Microsoft.NET
[06-30-2008 07:35 PM | ---D | C] - C:\Program Files\Mozilla Firefox
[07-01-2008 03:35 AM | ---D | C] - C:\Program Files\Synaptics
[07-01-2008 03:50 AM | ---D | C] - C:\Program Files\ThinkPad
[07-01-2008 03:50 AM | -H-D | C] - C:\Program Files\InstallShield Installation Information
[07-01-2008 03:51 AM | ---D | C] - C:\Program Files\IBM
[07-01-2008 03:54 AM | ---D | C] - C:\Program Files\ATI Technologies
[07-01-2008 03:54 AM | ---D | C] - C:\Program Files\ltmoh
[07-01-2008 03:58 AM | ---D | C] - C:\Program Files\SBApps
[07-01-2008 04:00 AM | ---D | C] - C:\Program Files\InterVideo
[07-01-2008 04:01 AM | ---D | C] - C:\Program Files\Symantec
[07-01-2008 06:39 PM | ---D | C] - C:\Program Files\EndNote 9
[07-01-2008 11:12 AM | ---D | C] - C:\Program Files\Alfa & Ariss
[07-01-2008 11:33 AM | ---D | C] - C:\Program Files\Adobe
[07-03-2008 02:12 PM | ---D | C] - C:\Program Files\UPC
[07-08-2008 09:12 AM | ---D | C] - C:\Program Files\FileZilla FTP Client
[07-09-2008 02:22 PM | ---D | C] - C:\Program Files\MSBuild
[07-09-2008 02:22 PM | ---D | C] - C:\Program Files\Reference Assemblies
[07-09-2008 11:56 AM | ---D | C] - C:\Program Files\Picasa2
[07-11-2008 12:35 PM | ---D | C] - C:\Program Files\Uniblue
[07-12-2008 05:29 PM | ---D | C] - C:\Program Files\Skype
[07-12-2008 07:31 PM | ---D | C] - C:\Program Files\MSN Messenger
[07-12-2008 12:38 PM | ---D | C] - C:\Program Files\Logitech
[07-14-2008 01:41 PM | ---D | C] - C:\Program Files\OpenOffice.org 2.4
[07-20-2008 04:30 PM | ---D | C] - C:\Program Files\Nokia
[07-20-2008 04:31 PM | ---D | C] - C:\Program Files\MSXML 6.0
[07-20-2008 07:25 PM | ---D | C] - C:\Program Files\HijackThis
[07-20-2008 08:29 PM | ---D | C] - C:\Program Files\MSECACHE
[07-20-2008 08:29 PM | ---D | C] - C:\Program Files\Windows Installer Clean Up
[08-18-2008 11:02 AM | ---D | C] - C:\Program Files\Trend Micro
[08-21-2008 09:00 AM | ---D | C] - C:\Program Files\Microsoft Silverlight
[08-23-2008 04:19 PM | ---D | C] - C:\Program Files\Java
[08-23-2008 04:26 PM | ---D | C] - C:\Program Files\Sun

========== Files - Modified Within 90 days ==========

[06-30-2008 07:12 PM | 00,251,712 | RHS- | M] () - C:\ntldr
[06-30-2008 08:29 PM | 00,000,000 | RHS- | M] () - C:\MSDOS.SYS
[07-01-2008 02:34 AM | 00,001,138 | ---- | M] () - C:\SYSLEVEL.IBM
[07-01-2008 03:39 AM | 00,047,564 | RHS- | M] () - C:\NTDETECT.COM
[07-01-2008 04:22 AM | 00,000,194 | RHS- | M] () - C:\BOOT.INI
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () - C:\CONFIG.SYS
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () - C:\IO.SYS
[07-08-2008 10:56 AM | 00,000,629 | ---- | M] () - C:\index.html
[09-01-2008 10:48 AM | 80,424,5504 | -HS- | M] () - C:\hiberfil.sys
[07-01-2008 03:50 AM | 00,000,000 | RH-- | M] () - C:\WINDOWS\System32\drivers\IBM_2374_N09_TP.MRK
[07-01-2008 04:23 AM | 00,000,047 | ---- | M] () - C:\WINDOWS\System32\drivers\IBM_2374_N09.MRK
[07-12-2008 12:40 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[07-14-2008 10:51 AM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[07-20-2008 04:43 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[1 C:\WINDOWS\System32\*.tmp files]
[06-30-2008 09:19 PM | 00,000,565 | ---- | M] () - C:\WINDOWS\System32\mapisvc.inf
[07-01-2008 02:34 AM | 00,002,211 | ---- | M] () - C:\WINDOWS\System32\OEMINFO.INI
[07-01-2008 04:08 AM | 00,000,333 | ---- | M] () - C:\WINDOWS\System32\$ncsp$.inf
[07-01-2008 04:22 AM | 00,002,441 | ---- | M] () - C:\WINDOWS\System32\$winnt$.inf
[07-01-2008 04:23 AM | 00,000,010 | ---- | M] () - C:\WINDOWS\System32\firstboot.ibm
[07-12-2008 05:31 PM | 00,000,056 | -H-- | M] () - C:\WINDOWS\System32\ezsidmv.dat
[07-20-2008 09:16 PM | 00,346,608 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[07-20-2008 10:03 PM | 00,000,230 | ---- | M] () - C:\WINDOWS\System32\spupdsvc.inf
[07-20-2008 10:04 PM | 00,069,410 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[07-20-2008 10:04 PM | 00,088,852 | ---- | M] () - C:\WINDOWS\System32\perfc013.dat
[07-20-2008 10:04 PM | 00,437,436 | ---- | M] () - C:\WINDOWS\

#10
Mike

Posted 01 September 2008 - 05:06 AM

Malware Monger

Retired Staff
2,745 posts

Wrong logs, please look at my latest instructions.

#11
rotterdam

Posted 01 September 2008 - 05:28 AM

Member

Topic Starter
Member
13 posts

Sorry... I don't get an txt file on my desktop after scanning. Just two wordpad windows.

second try!
Here is the OTViewIt.TXT:

OTViewIt logfile created on: 1-9-2008 13:24:54 - Run 7
OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\MyName\Mijn documenten\temp
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

766,92 Mb Total Physical Memory | 438,25 Mb Available Physical Memory | 57,14% Memory free
1,83 Gb Paging File | 1,56 Gb Available in Paging File | 84,85% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 58,97 Gb Free Space | 79,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MyComputerName
Current User Name: MyName
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On

===== Processes - Non-Microsoft Only =====

[02-26-2004 10:26 AM | 00,057,344 | ---- | M] () - C:\WINDOWS\system32\ibmpmsvc.exe
[09-12-2003 06:39 AM | 00,323,584 | ---- | M] () - C:\WINDOWS\system32\ati2evxx.exe
[09-12-2003 06:39 AM | 00,323,584 | ---- | M] () - C:\WINDOWS\system32\ati2evxx.exe
[08-28-2003 08:11 PM | 00,110,592 | ---- | M] (Synaptics, Inc.) - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[09-04-2003 08:03 AM | 00,077,824 | ---- | M] () - C:\WINDOWS\system32\TpShocks.exe
[08-07-2004 04:26 AM | 00,094,208 | ---- | M] () - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
[08-18-2004 12:30 PM | 00,708,608 | ---- | M] (IBM Corp.) - C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
[08-18-2004 12:30 PM | 00,081,920 | ---- | M] (IBM Corp.) - C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
[07-16-2004 06:51 AM | 00,077,824 | ---- | M] () - C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
[01-11-2002 12:01 AM | 00,065,536 | ---- | M] (IBM Corporation) - C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
[07-18-2003 11:02 AM | 00,208,896 | ---- | M] (IBM Corp.) - C:\Program Files\ThinkPad\Utilities\EzEjMnAp.Exe
[06-27-2003 05:53 PM | 00,088,363 | ---- | M] (Agere Systems) - C:\WINDOWS\AGRSMMSG.exe
[09-06-2005 02:45 PM | 00,820,736 | ---- | M] (Nokia Mobile Phones Ltd.) - C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
[05-02-2008 02:44 AM | 00,805,392 | ---- | M] (Logitech, Inc.) - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[05-02-2008 02:40 AM | 00,076,304 | ---- | M] (Logitech, Inc.) - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
[08-30-2005 11:31 AM | 00,118,272 | ---- | M] (Nokia.) - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
[08-18-2004 12:30 PM | 00,073,728 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\QCONSVC.EXE
[07-12-2003 03:19 AM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe
[07-17-2004 05:24 AM | 00,036,864 | ---- | M] () - C:\WINDOWS\system32\acs.exe
[07-18-2008 01:24 PM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe

===== Win32 Services - Non-Microsoft Only =====

(ACS) ACU Configuration Service [On_Demand | Running]
[07-17-2004 05:24 AM | 00,036,864 | ---- | M] () - C:\WINDOWS\system32\acs.exe

(Ati HotKey Poller) Ati HotKey Poller [Auto | Running]
[09-12-2003 06:39 AM | 00,323,584 | ---- | M] () - C:\WINDOWS\system32\ati2evxx.exe

(IBMPMSVC) IBM PM Service [Auto | Running]
[02-26-2004 10:26 AM | 00,057,344 | ---- | M] () - C:\WINDOWS\system32\ibmpmsvc.exe

(LBTServ) Logitech Bluetooth Service [On_Demand | Stopped]
[05-02-2008 02:42 AM | 00,121,360 | ---- | M] (Logitech, Inc.) - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

(QCONSVC) QCONSVC [Auto | Running]
[08-18-2004 12:30 PM | 00,073,728 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\QCONSVC.EXE

(TpKmpSVC) IBM KCU Service [Auto | Running]
[07-12-2003 03:19 AM | 00,032,768 | ---- | M] () - C:\WINDOWS\system32\TpKmpSvc.exe

===== Driver Services - Non-Microsoft Only =====

(ac97intc) Intel® 82801 Audio Driver Install Service (WDM) [On_Demand | Stopped]
[08-18-2001 05:20 AM | 00,096,256 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ac97intc.sys

(AgereSoftModem) Agere Systems Soft Modem [On_Demand | Running]
[06-27-2003 05:53 PM | 01,196,352 | ---- | M] (Agere Systems) - C:\WINDOWS\system32\drivers\AGRSM.sys

(ANC) ANC [System | Running]
[08-18-2004 12:30 PM | 00,011,520 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\drivers\ANC.sys

(AR5211) Dual-band Wi-Fi Wireless Mini PCI Adapter [On_Demand | Running]
[07-23-2004 03:41 AM | 00,393,408 | ---- | M] (Atheros Communications, Inc.) - C:\WINDOWS\system32\drivers\ar5211.sys

(E1000) Intel® PRO/1000 Adapter Driver [On_Demand | Running]
[06-13-2003 06:39 PM | 00,104,448 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\e1000325.sys

(E100B) Intel® PRO Adapter-stuurprogramma [On_Demand | Stopped]
[09-07-2001 04:49 AM | 00,117,760 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\e100b325.sys

(IBMPMDRV) IBMPMDRV [On_Demand | Running]
[02-26-2004 10:26 AM | 00,011,344 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\drivers\ibmpmdrv.sys

(IBMTPCHK) IBMTPCHK [System | Running]
[08-18-2004 12:30 PM | 00,002,432 | ---- | M] () - C:\WINDOWS\system32\drivers\IBMBLDID.SYS

(LHidFilt) Logitech SetPoint KMDF HID Filter Driver [On_Demand | Running]
[02-29-2008 03:13 AM | 00,035,344 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LHidFilt.Sys

(LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [On_Demand | Running]
[02-29-2008 03:13 AM | 00,036,880 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LMouFilt.Sys

(LucentSoftModem) Lucent Technologies Soft Modem [On_Demand | Stopped]
[08-18-2001 06:28 AM | 00,802,683 | ---- | M] (Lucent Technologies) - C:\WINDOWS\system32\drivers\LTSM.sys

(LUsbFilt) Logitech SetPoint KMDF USB Filter [On_Demand | Stopped]
[02-29-2008 03:13 AM | 00,028,944 | ---- | M] (Logitech, Inc.) - C:\WINDOWS\system32\drivers\LUsbFilt.sys

(mraid35x) mraid35x [Disabled | Stopped]
[08-18-2001 06:52 AM | 00,017,280 | ---- | M] (American Megatrends Inc.) - C:\WINDOWS\system32\drivers\mraid35x.sys

(NSCIRDA) Stuurprogramma voor NSC-infraroodapparaat [On_Demand | Running]
[04-13-2008 08:54 PM | 00,028,672 | ---- | M] (National Semiconductor Corporation) - C:\WINDOWS\system32\drivers\nscirda.sys

(QCNDISIF) QCNDISIF [On_Demand | Stopped]
[08-18-2004 12:30 PM | 00,012,288 | ---- | M] (IBM Corporation.) - C:\WINDOWS\system32\drivers\qcndisif.sys

(ShockMgr) ShockMgr [Auto | Running]
[07-24-2003 10:26 PM | 00,004,225 | ---- | M] (IBM Corporation) - C:\WINDOWS\System32\drivers\ShockMgr.sys

(Shockprf) Shockprf [Boot | Running]
[09-11-2003 07:03 PM | 00,052,136 | ---- | M] (IBM Corporation) - C:\WINDOWS\System32\drivers\shockprf.sys

(Sparrow) Sparrow [Disabled | Stopped]
[08-18-2001 07:07 AM | 00,019,072 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\system32\drivers\sparrow.sys

(SynTP) Synaptics TouchPad Driver [On_Demand | Running]
[08-28-2003 07:50 PM | 00,270,288 | ---- | M] (Synaptics, Inc.) - C:\WINDOWS\system32\drivers\SynTP.sys

(TDSMAPI) TDSMAPI [System | Running]
[07-03-2003 10:34 AM | 00,008,830 | ---- | M] () - C:\WINDOWS\system32\drivers\TDSMAPI.SYS

(TPHKDRV) TPHKDRV [System | Running]
[06-10-2004 05:19 AM | 00,016,340 | ---- | M] (IBM Corporation) - C:\WINDOWS\System32\drivers\TPHKDRV.sys

(TPPWR) TPPWR [System | Running]
[07-11-2003 10:34 AM | 00,015,360 | ---- | M] (IBM Corp.) - C:\WINDOWS\system32\drivers\TPPWR.SYS

(TSMAPIP) TSMAPIP [System | Running]
[09-12-2003 11:21 AM | 00,007,168 | ---- | M] () - C:\WINDOWS\system32\drivers\TSMAPIP.SYS

(TwoTrack) Stuurprogramma voor IBM PS/2 TrackPoint Filter [On_Demand | Stopped]
[08-18-2001 06:48 AM | 00,011,520 | ---- | M] (IBM Corporation) - C:\WINDOWS\system32\drivers\TwoTrack.sys

(upperdev) upperdev [On_Demand | Stopped]
File not found - C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG" = AGRSMMSG.exe [06-27-2003 05:53 PM | 00,088,363 | ---- | M] (Agere Systems)
"ATIModeChange" = Ati2mdxx.exe [09-05-2001 01:24 AM | 00,028,672 | ---- | M] (ATI Technologies, Inc.)
"ATIPTA" = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [09-12-2003 06:10 AM | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
"BMMGAG" = RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor [07-11-2003 10:34 AM | 00,094,208 | ---- | M] (IBM Corp.)
"BMMLREF" = C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE [07-11-2003 10:34 AM | 00,020,480 | ---- | M] ()
"DataLayer" = C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [09-06-2005 02:45 PM | 00,820,736 | ---- | M] (Nokia Mobile Phones Ltd.)
"EZEJMNAP" = C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [07-18-2003 11:02 AM | 00,208,896 | ---- | M] (IBM Corp.)
"Kernel and Hardware Abstraction Layer" = KHALMNPR.EXE [02-29-2008 03:12 AM | 00,076,304 | ---- | M] (Logitech, Inc.)
"MSPY2002" = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [08-03-2004 10:31 PM | 00,059,392 | ---- | M] ()
"QCTRAY" = C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE [08-18-2004 12:30 PM | 00,708,608 | ---- | M] (IBM Corp.)
"QCWLICON" = C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE [08-18-2004 12:30 PM | 00,081,920 | ---- | M] (IBM Corp.)
"S3TRAY2" = S3Tray2.exe [10-12-2001 07:32 AM | 00,069,632 | ---- | M] (S3 Graphics, Inc.)
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06-10-2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.)
"SynTPLpr" = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [08-28-2003 08:11 PM | 00,110,592 | ---- | M] (Synaptics, Inc.)
"TP4EX" = tp4ex.exe [09-04-2002 10:05 AM | 00,053,248 | ---- | M] (IBM Corporation)
"TPHOTKEY" = C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [08-07-2004 04:26 AM | 00,094,208 | ---- | M] ()
"TPKMAPHELPER" = C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper [09-02-2003 10:56 PM | 00,897,024 | ---- | M] (IBM Corp.)
"TpShocks" = TpShocks.exe [09-04-2003 08:03 AM | 00,077,824 | ---- | M] ()
"UC_Start" = C:\IBMTools\Updater\ucstartup.exe [03-18-2003 12:27 AM | 00,032,768 | ---- | M] ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue RegistryBooster 2" = C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [07-08-2008 03:05 PM | 01,923,352 | ---- | M] (Uniblue Software)
"Uniblue SpeedUpMyPC" = C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s [01-29-2008 09:46 AM | 09,442,584 | ---- | M] (Uniblue Software)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
[05-02-2008 02:44 AM | 00,805,392 | ---- | M] (Logitech, Inc.) - C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

[MyName Startup Folder - C:\Documents and Settings\MyName\Menu Start\Programma's\Opstarten]

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Help bij koppelingen) - [10-22-2006 11:08 PM | 00,062,080 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [06-10-2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

========== Toolbars ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]

"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

========== AppInit_Dlls ==========

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
"Explorer.exe" - [04-14-2008 07:02 PM | 01,037,312 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
"C:\WINDOWS\system32\userinit.exe" - [04-14-2008 07:03 PM | 00,026,112 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
"logonui.exe" - [04-14-2008 07:03 PM | 00,515,072 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
"rundll32 shell32" - [04-14-2008 07:02 PM | 08,508,416 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
"Control_RunDLL "sysdm.cpl"" - [04-14-2008 07:03 PM | 00,304,640 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DllName" = C:\WINDOWS\system32\ati2evxx.dll [09-12-2003 06:39 AM | 00,086,016 | ---- | M] ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
"DllName" = c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll [05-02-2008 02:42 AM | 00,072,208 | ---- | M] (Logitech, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
"DllName" = C:\WINDOWS\system32\QConGina.dll [08-18-2004 12:30 PM | 00,258,048 | ---- | M] (IBM Corp.)

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
Unable to open key or key not present!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "Mijn huidige introductiepagina"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c385fb20-7744-11dd-af46-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee790-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee791-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee792-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfcee793-71f6-11dd-af43-0016ce3637b0}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{0569057F-D6EA-4AA9-946F-2F7AFF8BBBBD}]
Servers: | Description: Intel® PRO/1000 MT Mobile Connection

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{0A6D6E57-57E2-4157-BE86-8B2060665D57}]
Servers: | Description: 11a/b/g Wireless LAN Mini PCI Adapter II

========== Hosts File ==========

HOSTS File = (776 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== Files/Folders - Created Within 90 days ==========

[06-30-2008 06:33 PM | RH-D | C] - C:\MSOCache
[06-30-2008 08:29 PM | 00,000,000 | RHS- | C] () - C:\MSDOS.SYS
[06-30-2008 08:30 PM | ---D | C] - C:\VanDale
[06-30-2008 08:33 PM | -HSD | C] - C:\RECYCLER
[07-01-2008 02:08 AM | ---D | C] - C:\IBMTOOLS
[07-01-2008 02:33 AM | ---D | C] - C:\DRIVERS
[07-01-2008 02:34 AM | 00,001,138 | ---- | C] () - C:\SYSLEVEL.IBM
[07-01-2008 03:48 AM | 80,424,5504 | -HS- | C] () - C:\hiberfil.sys
[07-01-2008 03:57 AM | 00,000,000 | -H-- | C] () - C:\AUTOEXEC.BAT
[07-01-2008 04:00 AM | ---D | C] - C:\icons
[07-01-2008 04:08 AM | -HSD | C] - C:\Recycled
[07-08-2008 10:56 AM | 00,000,629 | ---- | C] () - C:\index.html
[08-18-2008 11:06 AM | ---D | C] - C:\VundoFix Backups
[08-24-2008 06:24 PM | ---D | C] - C:\pics flo
[06-30-2008 06:57 PM | 00,000,403 | ---- | C] () - C:\WINDOWS\System32\dllcache\npdrmv2.zip
[06-30-2008 06:57 PM | 00,000,717 | ---- | C] () - C:\WINDOWS\System32\dllcache\cloapp.gif
[06-30-2008 06:57 PM | 00,000,726 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst15.wpl
[06-30-2008 06:57 PM | 00,000,760 | ---- | C] () - C:\WINDOWS\System32\dllcache\cloapph.gif
[06-30-2008 06:57 PM | 00,000,772 | ---- | C] () - C:\WINDOWS\System32\dllcache\cntd.gif
[06-30-2008 06:57 PM | 00,000,773 | ---- | C] () - C:\WINDOWS\System32\dllcache\cnt.gif
[06-30-2008 06:57 PM | 00,000,773 | ---- | C] () - C:\WINDOWS\System32\dllcache\cnth.gif
[06-30-2008 06:57 PM | 00,000,782 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst14.wpl
[06-30-2008 06:57 PM | 00,000,786 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst9.wpl
[06-30-2008 06:57 PM | 00,000,789 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst13.wpl
[06-30-2008 06:57 PM | 00,000,801 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst10.wpl
[06-30-2008 06:57 PM | 00,000,804 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst11.wpl
[06-30-2008 06:57 PM | 00,000,999 | ---- | C] () - C:\WINDOWS\System32\dllcache\bktrh.gif
[06-30-2008 06:57 PM | 00,001,043 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst8.wpl
[06-30-2008 06:57 PM | 00,001,048 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst7.wpl
[06-30-2008 06:57 PM | 00,001,051 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst2.wpl
[06-30-2008 06:57 PM | 00,001,148 | ---- | C] () - C:\WINDOWS\System32\dllcache\snd.htm
[06-30-2008 06:57 PM | 00,001,251 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst1.wpl
[06-30-2008 06:57 PM | 00,001,367 | ---- | C] () - C:\WINDOWS\System32\dllcache\taoffh.gif
[06-30-2008 06:57 PM | 00,001,380 | ---- | C] () - C:\WINDOWS\System32\dllcache\taoff.gif
[06-30-2008 06:57 PM | 00,001,380 | ---- | C] () - C:\WINDOWS\System32\dllcache\taonh.gif
[06-30-2008 06:57 PM | 00,001,398 | ---- | C] () - C:\WINDOWS\System32\dllcache\taon.gif
[06-30-2008 06:57 PM | 00,001,453 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst4.wpl
[06-30-2008 06:57 PM | 00,001,460 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst12.wpl
[06-30-2008 06:57 PM | 00,001,471 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst3.wpl
[06-30-2008 06:57 PM | 00,001,474 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst6.wpl
[06-30-2008 06:57 PM | 00,001,476 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst5.wpl
[06-30-2008 06:57 PM | 00,001,771 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmptour.css
[06-30-2008 06:57 PM | 00,001,774 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpocm.inf
[06-30-2008 06:57 PM | 00,001,818 | ---- | C] () - C:\WINDOWS\System32\dllcache\skins.inf
[06-30-2008 06:57 PM | 00,002,371 | ---- | C] () - C:\WINDOWS\System32\dllcache\tpauseh.gif
[06-30-2008 06:57 PM | 00,002,375 | ---- | C] () - C:\WINDOWS\System32\dllcache\tplayh.gif
[06-30-2008 06:57 PM | 00,002,450 | ---- | C] () - C:\WINDOWS\System32\dllcache\tpause.gif
[06-30-2008 06:57 PM | 00,002,469 | ---- | C] () - C:\WINDOWS\System32\dllcache\tplay.gif
[06-30-2008 06:57 PM | 00,002,477 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm5.gif
[06-30-2008 06:57 PM | 00,002,545 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplogo.gif
[06-30-2008 06:57 PM | 00,002,778 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplogoh.gif
[06-30-2008 06:57 PM | 00,003,187 | ---- | C] () - C:\WINDOWS\System32\dllcache\tour.js
[06-30-2008 06:57 PM | 00,004,193 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm8.gif
[06-30-2008 06:57 PM | 00,005,290 | ---- | C] () - C:\WINDOWS\System32\dllcache\vidsamp.gif
[06-30-2008 06:57 PM | 00,005,789 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm1.gif
[06-30-2008 06:57 PM | 00,005,971 | ---- | C] () - C:\WINDOWS\System32\dllcache\events.js
[06-30-2008 06:57 PM | 00,006,060 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm6.gif
[06-30-2008 06:57 PM | 00,006,241 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm3.gif
[06-30-2008 06:57 PM | 00,007,369 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm4.gif
[06-30-2008 06:57 PM | 00,007,636 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm2.gif
[06-30-2008 06:57 PM | 00,007,892 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm9.gif
[06-30-2008 06:57 PM | 00,008,677 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm7.gif
[06-30-2008 06:57 PM | 00,009,585 | ---- | C] () - C:\WINDOWS\System32\dllcache\controls.css
[06-30-2008 06:57 PM | 00,013,540 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmfsdk.inf
[06-30-2008 06:57 PM | 00,017,489 | ---- | C] () - C:\WINDOWS\System32\dllcache\videobg.gif
[06-30-2008 06:57 PM | 00,022,060 | ---- | C] () - C:\WINDOWS\System32\dllcache\npds.zip
[06-30-2008 06:57 PM | 00,023,829 | ---- | C] () - C:\WINDOWS\System32\dllcache\tourbg.gif
[06-30-2008 06:57 PM | 00,026,500 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplay.chm
[06-30-2008 06:57 PM | 00,034,558 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmdm.inf
[06-30-2008 06:57 PM | 00,036,620 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplayer2.inf
[06-30-2008 06:57 PM | 00,059,392 | ---- | C] () - C:\WINDOWS\System32\dllcache\imscinst.exe
[06-30-2008 06:57 PM | 00,066,137 | ---- | C] () - C:\WINDOWS\System32\dllcache\revert.wmz
[06-30-2008 06:57 PM | 00,074,046 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplayer.adm
[06-30-2008 06:57 PM | 00,082,771 | ---- | C] () - C:\WINDOWS\System32\dllcache\plyr_err.chm
[06-30-2008 06:57 PM | 00,086,180 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud2.wav
[06-30-2008 06:57 PM | 00,086,180 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud4.wav
[06-30-2008 06:57 PM | 00,086,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud5.wav
[06-30-2008 06:57 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud3.wav
[06-30-2008 06:57 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud8.wav
[06-30-2008 06:57 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud9.wav
[06-30-2008 06:57 PM | 00,184,094 | ---- | C] () - C:\WINDOWS\System32\dllcache\compact.wmz
[06-30-2008 06:57 PM | 00,196,665 | ---- | C] () - C:\WINDOWS\System32\dllcache\imjpinst.exe
[06-30-2008 06:57 PM | 00,343,204 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud6.wav
[06-30-2008 06:57 PM | 00,343,204 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud7.wav
[06-30-2008 06:57 PM | 00,354,468 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud1.wav
[06-30-2008 06:57 PM | 00,652,190 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplayer.chm
[07-01-2008 03:40 AM | 00,007,334 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmerrenu.cat
[07-01-2008 03:40 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\dllcache\netwlan5.img
[07-04-2008 10:15 AM | 00,108,827 | ---- | C] () - C:\WINDOWS\System32\dllcache\hanja.lex
[07-04-2008 10:15 AM | 00,134,339 | ---- | C] () - C:\WINDOWS\System32\dllcache\imekr.lex
[07-04-2008 10:15 AM | 01,158,818 | ---- | C] () - C:\WINDOWS\System32\dllcache\korwbrkr.lex
[07-01-2008 03:40 AM | 00,064,352 | ---- | C] () - C:\WINDOWS\System32\drivers\ativmc20.cod
[07-01-2008 03:40 AM | 00,067,866 | ---- | C] () - C:\WINDOWS\System32\drivers\netwlan5.img
[07-01-2008 03:40 AM | 00,129,045 | ---- | C] () - C:\WINDOWS\System32\drivers\cxthsfs2.cty
[07-01-2008 03:50 AM | 00,000,000 | RH-- | C] () - C:\WINDOWS\System32\drivers\IBM_2374_N09_TP.MRK
[07-01-2008 03:50 AM | 00,004,225 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\drivers\ShockMgr.sys
[07-01-2008 03:50 AM | 00,052,136 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\drivers\shockprf.sys
[07-01-2008 03:51 AM | 00,015,360 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\drivers\TPPWR.SYS
[07-01-2008 03:51 AM | 00,393,408 | ---- | C] (Atheros Communications, Inc.) - C:\WINDOWS\System32\drivers\ar5211.sys
[07-01-2008 03:52 AM | 00,002,432 | ---- | C] () - C:\WINDOWS\System32\drivers\IBMBLDID.SYS
[07-01-2008 03:52 AM | 00,008,830 | ---- | C] () - C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[07-01-2008 03:52 AM | 00,011,520 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\drivers\ANC.sys
[07-01-2008 03:52 AM | 00,012,288 | ---- | C] (IBM Corporation.) - C:\WINDOWS\System32\drivers\qcndisif.sys
[07-01-2008 03:53 AM | 00,007,168 | ---- | C] () - C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[07-01-2008 04:23 AM | 00,000,047 | ---- | C] () - C:\WINDOWS\System32\drivers\IBM_2374_N09.MRK
[07-12-2008 12:40 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[07-14-2008 10:51 AM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[07-20-2008 04:43 PM | 00,000,000 | -H-- | C] () - C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[1 C:\WINDOWS\System32\*.tmp files]
[06-30-2008 06:31 PM | ---D | C] - C:\WINDOWS\System32\SoftwareDistribution
[06-30-2008 06:34 PM | ---D | C] - C:\WINDOWS\System32\PreInstall
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\System32\bits
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\System32\nl
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\System32\nl-nl
[06-30-2008 09:19 PM | 00,000,565 | ---- | C] () - C:\WINDOWS\System32\mapisvc.inf
[06-30-2008 09:19 PM | 00,000,581 | ---- | C] () - C:\WINDOWS\System32\msft.mib
[06-30-2008 09:19 PM | 00,000,698 | ---- | C] () - C:\WINDOWS\System32\inetsrv.mib
[06-30-2008 09:19 PM | 00,001,361 | ---- | C] () - C:\WINDOWS\System32\fxscount.h
[06-30-2008 09:19 PM | 00,003,717 | ---- | C] () - C:\WINDOWS\System32\fxsperf.ini
[06-30-2008 09:19 PM | 00,004,332 | ---- | C] () - C:\WINDOWS\System32\smi.mib
[06-30-2008 09:19 PM | 00,004,597 | ---- | C] () - C:\WINDOWS\System32\dhcp.mib
[06-30-2008 09:19 PM | 00,006,179 | ---- | C] () - C:\WINDOWS\System32\ftp.mib
[06-30-2008 09:19 PM | 00,010,313 | ---- | C] () - C:\WINDOWS\System32\mripsap.mib
[06-30-2008 09:19 PM | 00,013,767 | ---- | C] () - C:\WINDOWS\System32\msipbtp.mib
[06-30-2008 09:19 PM | 00,015,597 | ---- | C] () - C:\WINDOWS\System32\accserv.mib
[06-30-2008 09:19 PM | 00,015,799 | ---- | C] () - C:\WINDOWS\System32\ipforwd.mib
[06-30-2008 09:19 PM | 00,016,617 | ---- | C] () - C:\WINDOWS\System32\authserv.mib
[06-30-2008 09:19 PM | 00,020,079 | ---- | C] () - C:\WINDOWS\System32\http.mib
[06-30-2008 09:19 PM | 00,021,386 | ---- | C] () - C:\WINDOWS\System32\mipx.mib
[06-30-2008 09:19 PM | 00,026,100 | ---- | C] () - C:\WINDOWS\System32\lmmib2.mib
[06-30-2008 09:19 PM | 00,026,236 | ---- | C] () - C:\WINDOWS\System32\wins.mib
[06-30-2008 09:19 PM | 00,030,448 | ---- | C] () - C:\WINDOWS\System32\mcastmib.mib
[06-30-2008 09:19 PM | 00,034,317 | ---- | C] () - C:\WINDOWS\System32\msiprip2.mib
[06-30-2008 09:19 PM | 00,038,608 | ---- | C] () - C:\WINDOWS\System32\nipx.mib
[06-30-2008 09:19 PM | 00,048,593 | ---- | C] () - C:\WINDOWS\System32\hostmib.mib
[06-30-2008 09:19 PM | 00,049,275 | ---- | C] () - C:\WINDOWS\System32\wfospf.mib
[06-30-2008 09:19 PM | 00,107,882 | ---- | C] () - C:\WINDOWS\System32\mib_ii.mib
[06-30-2008 09:19 PM | ---D | C] - C:\WINDOWS\System32\FxsTmp
[06-30-2008 09:23 PM | ---D | C] - C:\WINDOWS\System32\appmgmt
[07-01-2008 02:34 AM | 00,002,211 | ---- | C] () - C:\WINDOWS\System32\OEMINFO.INI
[07-01-2008 03:40 AM | 00,118,272 | ---- | C] () - C:\WINDOWS\System32\mpeg2data.ax
[07-01-2008 03:40 AM | 00,120,320 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir41_qc.dll
[07-01-2008 03:40 AM | 00,154,624 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\ivfsrc.ax
[07-01-2008 03:40 AM | 00,183,808 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir50_qcx.dll
[07-01-2008 03:40 AM | 00,199,680 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\iac25_32.ax
[07-01-2008 03:40 AM | 00,200,192 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir50_qc.dll
[07-01-2008 03:40 AM | 00,338,432 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\ir41_qcx.dll
[07-01-2008 03:40 AM | 00,755,200 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\ir50_32.dll
[07-01-2008 03:40 AM | 00,848,384 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\ir41_32.ax
[07-01-2008 03:41 AM | 00,053,248 | ---- | C] () - C:\WINDOWS\System32\vbicodec.ax
[07-01-2008 03:41 AM | 00,164,352 | ---- | C] () - C:\WINDOWS\System32\wstpager.ax
[07-01-2008 03:41 AM | 00,239,616 | ---- | C] () - C:\WINDOWS\System32\wstrenderer.ax
[07-01-2008 03:45 AM | 00,000,333 | ---- | C] () - C:\WINDOWS\System32\$ncsp$.inf
[07-01-2008 03:50 AM | 00,002,193 | ---- | C] () - C:\WINDOWS\System32\TpShPrm.jpg
[07-01-2008 03:50 AM | 00,003,063 | ---- | C] () - C:\WINDOWS\System32\TpShPrm.hta
[07-01-2008 03:50 AM | 00,025,214 | ---- | C] () - C:\WINDOWS\System32\TpShocks.ICO
[07-01-2008 03:50 AM | 00,049,152 | ---- | C] () - C:\WINDOWS\System32\Sensor.dll
[07-01-2008 03:50 AM | 00,077,824 | ---- | C] () - C:\WINDOWS\System32\TpShocks.exe
[07-01-2008 03:50 AM | 00,106,496 | ---- | C] () - C:\WINDOWS\System32\TpShCPL.cpl
[07-01-2008 03:50 AM | 00,110,937 | ---- | C] () - C:\WINDOWS\System32\TpShPrm.gif
[07-01-2008 03:50 AM | 00,376,832 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\TpShCPL.dll
[07-01-2008 03:51 AM | 00,008,212 | ---- | C] () - C:\WINDOWS\System32\net5211.cat
[07-01-2008 03:51 AM | 00,025,495 | ---- | C] () - C:\WINDOWS\System32\net5211.inf
[07-01-2008 03:51 AM | 00,036,864 | ---- | C] () - C:\WINDOWS\System32\acs.exe
[07-01-2008 03:51 AM | 00,110,592 | ---- | C] () - C:\WINDOWS\System32\AegisI5.exe
[07-01-2008 03:51 AM | 00,118,784 | ---- | C] (Atheros) - C:\WINDOWS\System32\ATHCFG10.DLL
[07-01-2008 03:51 AM | 00,147,456 | ---- | C] () - C:\WINDOWS\System32\ssleay32.dll
[07-01-2008 03:51 AM | 00,393,408 | ---- | C] (Atheros Communications, Inc.) - C:\WINDOWS\System32\ar5211.sys
[07-01-2008 03:51 AM | 00,409,600 | ---- | C] (Atheros) - C:\WINDOWS\System32\athcfg11.dll
[07-01-2008 03:51 AM | 00,651,264 | ---- | C] () - C:\WINDOWS\System32\libeay32.dll
[07-01-2008 03:52 AM | 00,034,816 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\TP98.CPL
[07-01-2008 03:52 AM | 00,073,728 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\QCONSVC.EXE
[07-01-2008 03:52 AM | 00,258,048 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\QConGina.dll
[07-01-2008 03:52 AM | 00,282,624 | ---- | C] (IBM) - C:\WINDOWS\System32\tvt_gina_api.dll
[07-01-2008 03:52 AM | 00,573,440 | ---- | C] (IBM) - C:\WINDOWS\System32\tvt_gina.dll
[07-01-2008 03:53 AM | 00,004,458 | ---- | C] () - C:\WINDOWS\System32\TP4CLICK.WAV
[07-01-2008 03:53 AM | 00,005,928 | ---- | C] () - C:\WINDOWS\System32\TP4LATCH.WAV
[07-01-2008 03:53 AM | 00,008,264 | ---- | C] () - C:\WINDOWS\System32\TP4EX.HLP
[07-01-2008 03:53 AM | 00,032,768 | ---- | C] () - C:\WINDOWS\System32\TpKmpSvc.exe
[07-01-2008 03:53 AM | 00,049,152 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\tp4cross.exe
[07-01-2008 03:53 AM | 00,053,248 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\TP4EX.exe
[07-01-2008 03:53 AM | 00,053,248 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\TP4HOOK.dll
[07-01-2008 03:53 AM | 00,061,440 | ---- | C] () - C:\WINDOWS\System32\FPCALL.dll
[07-01-2008 03:53 AM | 00,061,440 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\tp4ex.cpl
[07-01-2008 03:54 AM | ---D | C] - C:\WINDOWS\System32\ReinstallBackups
[07-01-2008 03:58 AM | ---D | C] - C:\WINDOWS\System32\SBUtils
[07-01-2008 03:59 AM | 00,393,216 | ---- | C] (IBM) - C:\WINDOWS\System32\IBMJavaPlugin141.cpl
[07-01-2008 03:59 AM | ---D | C] - C:\WINDOWS\System32\thinkpad_features
[07-01-2008 04:23 AM | 00,000,010 | ---- | C] () - C:\WINDOWS\System32\firstboot.ibm
[07-04-2008 10:14 AM | 00,066,082 | ---- | C] () - C:\WINDOWS\System32\C_28596.NLS
[07-04-2008 10:15 AM | 00,000,520 | ---- | C] () - C:\WINDOWS\System32\dayiphr.tbl
[07-04-2008 10:15 AM | 00,000,700 | ---- | C] () - C:\WINDOWS\System32\dayiptr.tbl
[07-04-2008 10:15 AM | 00,001,460 | ---- | C] () - C:\WINDOWS\System32\a15.tbl
[07-04-2008 10:15 AM | 00,001,486 | ---- | C] () - C:\WINDOWS\System32\noise.kor
[07-04-2008 10:15 AM | 00,002,060 | ---- | C] () - C:\WINDOWS\System32\noise.jpn
[07-04-2008 10:15 AM | 00,002,714 | ---- | C] () - C:\WINDOWS\System32\phonptr.tbl
[07-04-2008 10:15 AM | 00,004,071 | ---- | C] () - C:\WINDOWS\System32\phon.tbl
[07-04-2008 10:15 AM | 00,014,821 | ---- | C] () - C:\WINDOWS\System32\PINTLPAD.HLP
[07-04-2008 10:15 AM | 00,016,254 | ---- | C] () - C:\WINDOWS\System32\PINTLPAE.HLP
[07-04-2008 10:15 AM | 00,016,312 | ---- | C] () - C:\WINDOWS\System32\arptr.tbl
[07-04-2008 10:15 AM | 00,018,600 | ---- | C] () - C:\WINDOWS\System32\arrayhw.tab
[07-04-2008 10:15 AM | 00,024,114 | ---- | C] () - C:\WINDOWS\System32\lcptr.tbl
[07-04-2008 10:15 AM | 00,043,242 | ---- | C] () - C:\WINDOWS\System32\phoncode.tbl
[07-04-2008 10:15 AM | 00,044,370 | ---- | C] () - C:\WINDOWS\System32\a234.tbl
[07-04-2008 10:15 AM | 00,044,370 | ---- | C] () - C:\WINDOWS\System32\acode.tbl
[07-04-2008 10:15 AM | 00,110,566 | ---- | C] () - C:\WINDOWS\System32\arphr.tbl
[07-04-2008 10:15 AM | 00,116,285 | ---- | C] () - C:\WINDOWS\System32\msdayi.tbl
[07-04-2008 10:15 AM | 00,146,126 | ---- | C] () - C:\WINDOWS\System32\array30.tab
[07-04-2008 10:15 AM | 00,211,938 | ---- | C] () - C:\WINDOWS\System32\lcphrase.tbl
[07-04-2008 10:15 AM | 01,158,818 | ---- | C] () - C:\WINDOWS\System32\korwbrkr.lex
[07-04-2008 10:15 AM | 01,223,500 | ---- | C] () - C:\WINDOWS\System32\WINZM.MB
[07-04-2008 10:15 AM | 01,564,868 | ---- | C] () - C:\WINDOWS\System32\WINSP.MB
[07-04-2008 10:15 AM | 01,783,864 | ---- | C] () - C:\WINDOWS\System32\WINPY.MB
[07-09-2008 02:22 PM | ---D | C] - C:\WINDOWS\System32\en-us
[07-09-2008 02:22 PM | ---D | C] - C:\WINDOWS\System32\XPSViewer
[07-12-2008 05:31 PM | 00,000,056 | -H-- | C] () - C:\WINDOWS\System32\ezsidmv.dat
[07-12-2008 07:31 PM | ---D | C] - C:\WINDOWS\System32\DRVSTORE
[07-12-2008 12:38 PM | 00,117,264 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\KemWnd.dll
[07-12-2008 12:38 PM | 00,145,936 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\KemUtil.dll
[07-12-2008 12:39 PM | 00,084,496 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\KemXML.dll
[07-12-2008 12:39 PM | 00,170,512 | ---- | C] (Logitech, Inc.) - C:\WINDOWS\System32\kemutb.dll
[07-20-2008 04:31 PM | 00,090,624 | ---- | C] (Nokia) - C:\WINDOWS\System32\nmwcdcls.dll
[07-20-2008 10:03 PM | 00,000,230 | ---- | C] () - C:\WINDOWS\System32\spupdsvc.inf
[06-30-2008 06:34 PM | -H-D | C] - C:\WINDOWS\$hf_mig$
[06-30-2008 06:37 PM | ---D | C] - C:\WINDOWS\SHELLNEW
[06-30-2008 06:41 PM | 00,000,395 | ---- | C] () - C:\WINDOWS\ODBC.INI
[06-30-2008 07:07 PM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstall$
[06-30-2008 07:12 PM | ---D | C] - C:\WINDOWS\network diagnostic
[06-30-2008 07:16 PM | ---D | C] - C:\WINDOWS\ServicePackFiles
[06-30-2008 07:21 PM | ---D | C] - C:\WINDOWS\l2schemas
[06-30-2008 07:27 PM | ---D | C] - C:\WINDOWS\Prefetch
[06-30-2008 07:35 PM | 00,000,000 | ---- | C] () - C:\WINDOWS\nsreg.dat
[06-30-2008 08:30 PM | 00,001,368 | ---- | C] () - C:\WINDOWS\vdgwwin.ini
[07-01-2008 03:39 AM | ---D | C] - C:\WINDOWS\EHome
[07-01-2008 03:40 AM | ---D | C] - C:\WINDOWS\peernet
[07-01-2008 03:40 AM | ---D | C] - C:\WINDOWS\provisioning
[07-01-2008 03:41 AM | 00,316,640 | ---- | C] () - C:\WINDOWS\WMSysPr9.prx
[07-01-2008 03:46 AM | ---D | C] - C:\WINDOWS\SoftwareDistribution
[07-01-2008 03:50 AM | 00,110,592 | ---- | C] () - C:\WINDOWS\_tpiu000.exe
[07-01-2008 03:51 AM | 00,184,320 | ---- | C] () - C:\WINDOWS\TPBATHLP.EXE
[07-01-2008 03:54 AM | ---D | C] - C:\WINDOWS\Options
[07-01-2008 03:58 AM | 00,000,023 | ---- | C] () - C:\WINDOWS\Welcome.ini
[07-01-2008 04:08 AM | 00,000,061 | ---- | C] () - C:\WINDOWS\smscfg.ini
[07-01-2008 08:32 AM | ---D | C] - C:\WINDOWS\Sun
[07-02-2008 09:13 AM | ---D | C] - C:\WINDOWS\pss
[07-09-2008 02:20 PM | ---D | C] - C:\WINDOWS\Microsoft.NET
[07-09-2008 02:21 PM | R-SD | C] - C:\WINDOWS\assembly
[07-20-2008 09:28 PM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[07-20-2008 09:29 PM | -H-D | C] - C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[07-20-2008 09:31 PM | ---D | C] - C:\WINDOWS\WBEM
[07-01-2008 03:51 AM | 00,000,314 | ---- | C] () - C:\WINDOWS\tasks\BMMTask.job
[07-11-2008 12:36 PM | 00,000,292 | ---- | C] () - C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[07-11-2008 12:36 PM | 00,000,414 | ---- | C] () - C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
[06-30-2008 06:35 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[06-30-2008 09:59 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\WLInstaller
[07-01-2008 03:59 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\ibm
[07-01-2008 04:01 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Symantec
[07-01-2008 11:33 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Adobe
[07-12-2008 05:29 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Skype
[07-12-2008 12:38 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Logitech
[07-12-2008 12:43 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\LogiShrd
[07-20-2008 04:30 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Installations
[07-20-2008 04:33 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Nokia
[07-20-2008 07:13 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\SecTaskMan
[07-20-2008 07:48 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes
[06-30-2008 07:35 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Mozilla
[06-30-2008 07:42 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Sun
[06-30-2008 10:26 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Adobe
[06-30-2008 10:26 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Macromedia
[07-01-2008 04:22 AM | 00,000,062 | -HS- | C] () - C:\Documents and Settings\MyName\Application Data\desktop.ini
[07-01-2008 04:22 AM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Identities
[07-01-2008 04:22 AM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Symantec
[07-01-2008 04:22 AM | --SD | C] - C:\Documents and Settings\MyName\Application Data\Microsoft
[07-02-2008 10:52 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\VanDale
[07-07-2008 10:35 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\InterVideo
[07-07-2008 11:06 AM | ---D | C] - C:\Documents and Settings\MyName\Application Data\EndNote
[07-08-2008 09:13 AM | ---D | C] - C:\Documents and Settings\MyName\Application Data\FileZilla
[07-11-2008 12:37 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Uniblue
[07-12-2008 05:30 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Skype
[07-12-2008 05:31 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\skypePM
[07-12-2008 12:37 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\InstallShield
[07-12-2008 12:42 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Logitech
[07-14-2008 01:43 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\OpenOffice.org2
[07-15-2008 10:28 AM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Ariane Software
[07-20-2008 04:41 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\PC Suite
[07-20-2008 04:45 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Nokia
[07-20-2008 07:15 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Help
[07-20-2008 07:48 PM | ---D | C] - C:\Documents and Settings\MyName\Application Data\Malwarebytes
[06-30-2008 07:35 PM | ---D | C] - C:\Documents and Settings\MyName\Local Settings\Application Data\Mozilla
[06-30-2008 10:17 PM | ---D | C] - C:\Documents and Settings\MyName\Local Settings\Application Data\PCHealth
[07-01-2008 04:22 AM | 00,013,104 | ---- | C] () - C:\Documents and Settings\MyName\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[07-01-2008 04:22 AM | 06,387,856 | -H-- | C] () - C:\Documents and Settings\MyName\Local Settings\Application Data\IconCache.db
[07-01-2008 04:22 AM | ---D | C] - C:\Documents and Settings\MyName\Local Settings\Application Data\Microsoft
[07-01-2008 11:34 AM | ---D | C] - C:\Documents and Settings\MyName\Local Settings\Application Data\Adobe
[07-03-2008 02:12 PM | ---D | C] - C:\Documents and Settings\MyName\Local Settings\Application Data\SupportSoft
[07-07-2008 10:34 PM | 00,020,480 | ---- | C] () - C:\Documents and Settings\MyName\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[07-20-2008 07:15 PM | ---D | C] - C:\Documents and Settings\MyName\Local Settings\Application Data\Help
[07-01-2008 03:47 AM | R--D | C] - C:\Documents and Settings\All Users\Documenten\Mijn video's
[06-30-2008 08:46 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\Uren Transcore
[06-30-2008 10:11 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\Rechten
[06-30-2008 10:19 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\Mijn ontvangen bestanden
[07-01-2008 04:22 AM | 00,000,090 | -HS- | C] () - C:\Documents and Settings\MyName\Mijn documenten\desktop.ini
[07-01-2008 04:22 AM | R--D | C] - C:\Documents and Settings\MyName\Mijn documenten\Mijn afbeeldingen
[07-01-2008 04:22 AM | R--D | C] - C:\Documents and Settings\MyName\Mijn documenten\Mijn muziek
[07-08-2008 04:30 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\temp
[07-08-2008 09:16 AM | 03,228,057 | ---- | C] () - C:\Documents and Settings\MyName\Mijn documenten\FileZilla_3.0.11.1_win32-setup.exe
[07-08-2008 11:30 AM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\Joomla
[07-11-2008 08:00 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\nokia
[07-12-2008 07:33 PM | 00,000,605 | ---- | C] () - C:\Documents and Settings\MyName\Mijn documenten\Mijn Gedeelde Mappen.lnk
[08-05-2008 04:06 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\Nieuwe map
[08-14-2008 08:45 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\werk
[08-19-2008 12:19 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\typo3
[08-31-2008 12:23 PM | ---D | C] - C:\Documents and Settings\MyName\Mijn documenten\TEXT LOSS
[06-30-2008 07:35 PM | 00,001,613 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Mozilla Firefox.lnk
[07-01-2008 04:00 AM | 00,001,627 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Access IBM.lnk
[07-09-2008 11:58 AM | 00,000,677 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Picasa2.lnk
[07-10-2008 01:28 PM | 00,000,576 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Erasmus.lnk
[07-12-2008 05:29 PM | 00,002,255 | ---- | C] () - C:\Documents and Settings\All Users\Bureaublad\Skype.lnk
[08-18-2008 09:15 PM | 01,567,232 | ---- | C] () - C:\Documents and Settings\MyName\Bureaublad\SteamInstall.msi
[08-18-2008 11:02 AM | 00,001,745 | ---- | C] () - C:\Documents and Settings\MyName\Bureaublad\HijackThis.lnk
[08-18-2008 11:12 AM | 00,641,975 | ---- | C] (EFD Software ) - C:\Documents and Settings\MyName\Bureaublad\hdtune_253.exe
[08-18-2008 12:24 PM | 00,013,824 | ---- | C] () - C:\Documents and Settings\MyName\Bureaublad\geneve.xls
[07-12-2008 12:39 PM | 00,001,698 | ---- | C] () - C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Logitech SetPoint.lnk
[07-01-2008 04:22 AM | 00,000,084 | -HS- | C] () - C:\Documents and Settings\MyName\Menu Start\Programma's\Opstarten\desktop.ini
[06-30-2008 06:38 PM | ---D | C] - C:\Program Files\Common Files\DESIGNER
[06-30-2008 09:59 PM | -HSD | C] - C:\Program Files\Common Files\WindowsLiveInstaller
[07-01-2008 03:50 AM | ---D | C] - C:\Program Files\Common Files\InstallShield
[07-01-2008 04:01 AM | ---D | C] - C:\Program Files\Common Files\Symantec Shared
[07-01-2008 06:38 PM | ---D | C] - C:\Program Files\Common Files\Wise Installation Wizard
[07-01-2008 11:33 AM | ---D | C] - C:\Program Files\Common Files\Adobe
[07-12-2008 05:29 PM | ---D | C] - C:\Program Files\Common Files\Skype
[07-12-2008 12:38 PM | ---D | C] - C:\Program Files\Common Files\Logishrd
[07-20-2008 04:30 PM | ---D | C] - C:\Program Files\Common Files\Nokia
[07-20-2008 04:39 PM | ---D | C] - C:\Program Files\Common Files\PCSuite
[07-20-2008 07:47 PM | ---D | C] - C:\Program Files\Common Files\Download Manager
[08-23-2008 04:18 PM | ---D | C] - C:\Program Files\Common Files\Java
[06-30-2008 06:35 PM | ---D | C] - C:\Program Files\Microsoft Office
[06-30-2008 06:37 PM | ---D | C] - C:\Program Files\Microsoft Visual Studio
[06-30-2008 06:38 PM | ---D | C] - C:\Program Files\Microsoft Works
[06-30-2008 06:39 PM | ---D | C] - C:\Program Files\Microsoft.NET
[06-30-2008 07:35 PM | ---D | C] - C:\Program Files\Mozilla Firefox
[07-01-2008 03:35 AM | ---D | C] - C:\Program Files\Synaptics
[07-01-2008 03:50 AM | ---D | C] - C:\Program Files\ThinkPad
[07-01-2008 03:50 AM | -H-D | C] - C:\Program Files\InstallShield Installation Information
[07-01-2008 03:51 AM | ---D | C] - C:\Program Files\IBM
[07-01-2008 03:54 AM | ---D | C] - C:\Program Files\ATI Technologies
[07-01-2008 03:54 AM | ---D | C] - C:\Program Files\ltmoh
[07-01-2008 03:58 AM | ---D | C] - C:\Program Files\SBApps
[07-01-2008 04:00 AM | ---D | C] - C:\Program Files\InterVideo
[07-01-2008 04:01 AM | ---D | C] - C:\Program Files\Symantec
[07-01-2008 06:39 PM | ---D | C] - C:\Program Files\EndNote 9
[07-01-2008 11:12 AM | ---D | C] - C:\Program Files\Alfa & Ariss
[07-01-2008 11:33 AM | ---D | C] - C:\Program Files\Adobe
[07-03-2008 02:12 PM | ---D | C] - C:\Program Files\UPC
[07-08-2008 09:12 AM | ---D | C] - C:\Program Files\FileZilla FTP Client
[07-09-2008 02:22 PM | ---D | C] - C:\Program Files\MSBuild
[07-09-2008 02:22 PM | ---D | C] - C:\Program Files\Reference Assemblies
[07-09-2008 11:56 AM | ---D | C] - C:\Program Files\Picasa2
[07-11-2008 12:35 PM | ---D | C] - C:\Program Files\Uniblue
[07-12-2008 05:29 PM | ---D | C] - C:\Program Files\Skype
[07-12-2008 07:31 PM | ---D | C] - C:\Program Files\MSN Messenger
[07-12-2008 12:38 PM | ---D | C] - C:\Program Files\Logitech
[07-14-2008 01:41 PM | ---D | C] - C:\Program Files\OpenOffice.org 2.4
[07-20-2008 04:30 PM | ---D | C] - C:\Program Files\Nokia
[07-20-2008 04:31 PM | ---D | C] - C:\Program Files\MSXML 6.0
[07-20-2008 07:25 PM | ---D | C] - C:\Program Files\HijackThis
[07-20-2008 08:29 PM | ---D | C] - C:\Program Files\MSECACHE
[07-20-2008 08:29 PM | ---D | C] - C:\Program Files\Windows Installer Clean Up
[08-18-2008 11:02 AM | ---D | C] - C:\Program Files\Trend Micro
[08-21-2008 09:00 AM | ---D | C] - C:\Program Files\Microsoft Silverlight
[08-23-2008 04:19 PM | ---D | C] - C:\Program Files\Java
[08-23-2008 04:26 PM | ---D | C] - C:\Program Files\Sun

========== Files - Modified Within 90 days ==========

[06-30-2008 07:12 PM | 00,251,712 | RHS- | M] () - C:\ntldr
[06-30-2008 08:29 PM | 00,000,000 | RHS- | M] () - C:\MSDOS.SYS
[07-01-2008 02:34 AM | 00,001,138 | ---- | M] () - C:\SYSLEVEL.IBM
[07-01-2008 03:39 AM | 00,047,564 | RHS- | M] () - C:\NTDETECT.COM
[07-01-2008 04:22 AM | 00,000,194 | RHS- | M] () - C:\BOOT.INI
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () - C:\CONFIG.SYS
[07-01-2008 04:23 AM | 00,000,000 | -H-- | M] () - C:\IO.SYS
[07-08-2008 10:56 AM | 00,000,629 | ---- | M] () - C:\index.html
[09-01-2008 10:48 AM | 80,424,5504 | -HS- | M] () - C:\hiberfil.sys
[07-01-2008 03:50 AM | 00,000,000 | RH-- | M] () - C:\WINDOWS\System32\drivers\IBM_2374_N09_TP.MRK
[07-01-2008 04:23 AM | 00,000,047 | ---- | M] () - C:\WINDOWS\System32\drivers\IBM_2374_N09.MRK
[07-12-2008 12:40 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
[07-12-2008 12:41 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[07-14-2008 10:51 AM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[07-20-2008 04:43 PM | 00,000,000 | -H-- | M] () - C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[1 C:\WINDOWS\System32\*.tmp files]
[06-30-2008 09:19 PM | 00,000,565 | ---- | M] () - C:\WINDOWS\System32\mapisvc.inf
[07-01-2008 02:34 AM | 00,002,211 | ---- | M] () - C:\WINDOWS\System32\OEMINFO.INI
[07-01-2008 04:08 AM | 00,000,333 | ---- | M] () - C:\WINDOWS\System32\$ncsp$.inf
[07-01-2008 04:22 AM | 00,002,441 | ---- | M] () - C:\WINDOWS\System32\$winnt$.inf
[07-01-2008 04:23 AM | 00,000,010 | ---- | M] () - C:\WINDOWS\System32\firstboot.ibm
[07-12-2008 05:31 PM | 00,000,056 | -H-- | M] () - C:\WINDOWS\System32\ezsidmv.dat
[07-20-2008 09:16 PM | 00,346,608 | ---- | M] () - C:\WINDOWS\System32\FNTCACHE.DAT
[07-20-2008 10:03 PM | 00,000,230 | ---- | M] () - C:\WINDOWS\System32\spupdsvc.inf
[07-20-2008 10:04 PM | 00,069,410 | ---- | M] () - C:\WINDOWS\System32\perfc009.dat
[07-20-2008 10:04 PM | 00,088,852 | ---- | M] () - C:\WINDOWS\System32\perfc013.dat
[07-20-2008 10:04 PM | 00,437,436 | ---- | M] () - C:

#12
rotterdam

Posted 01 September 2008 - 05:30 AM

Member

Topic Starter
Member
13 posts

Here is the second try Extras.Txt!

OTViewIt Extras logfile created on: 1-9-2008 13:24:55 - Run 7
OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\MyName\Mijn documenten\temp
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

766,92 Mb Total Physical Memory | 438,25 Mb Available Physical Memory | 57,14% Memory free
1,83 Gb Paging File | 1,56 Gb Available in Paging File | 84,85% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 58,97 Gb Free Space | 79,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\IBMTOOLS\Updater\ucsmb.exe" = C:\IBMTOOLS\Updater\ucsmb.exe:*:enabled:IBM Update Connector
[10-25-2002 04:02 AM | 00,348,160 | ---- | M] (IBM Corporation, Inc.)

"C:\IBMTOOLS\Updater\jre\bin\java.exe" = C:\IBMTOOLS\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector
[05-22-2003 03:06 PM | 00,042,072 | ---- | M] (IBM)

"C:\IBMTOOLS\Updater\jre\bin\javaw.exe" = C:\IBMTOOLS\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector
[05-22-2003 03:06 PM | 00,042,072 | ---- | M] (IBM)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[04-14-2008 07:03 PM | 00,142,336 | ---- | M] (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[04-13-2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[01-19-2007 12:54 PM | 05,674,352 | ---- | M] (Microsoft Corporation)

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[01-04-2007 04:10 PM | 00,297,752 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\IBMTOOLS\Updater\ucsmb.exe" = C:\IBMTOOLS\Updater\ucsmb.exe:*:enabled:IBM Update Connector
[10-25-2002 04:02 AM | 00,348,160 | ---- | M] (IBM Corporation, Inc.)

"C:\IBMTOOLS\Updater\jre\bin\java.exe" = C:\IBMTOOLS\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector
[05-22-2003 03:06 PM | 00,042,072 | ---- | M] (IBM)

"C:\IBMTOOLS\Updater\jre\bin\javaw.exe" = C:\IBMTOOLS\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector
[05-22-2003 03:06 PM | 00,042,072 | ---- | M] (IBM)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[04-14-2008 07:03 PM | 00,142,336 | ---- | M] (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[04-13-2008 08:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[04-14-2008 07:03 PM | 01,695,232 | -HS- | M] (Microsoft Corporation)

"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[01-19-2007 12:54 PM | 05,674,352 | ---- | M] (Microsoft Corporation)

"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[01-04-2007 04:10 PM | 00,297,752 | ---- | M] (Microsoft Corporation)

"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process
File not found

"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater
File not found

"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox
[07-18-2008 01:24 PM | 00,307,712 | ---- | M] (Mozilla Corporation)

"C:\Program Files\Steam\steamapps\common\quake 3 arena demo\quake3.exe" = C:\Program Files\Steam\steamapps\common\quake 3 arena demo\quake3.exe:*:Enabled:quake3
File not found

"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype
[05-30-2008 03:54 PM | 21,718,312 | R--- | M] (Skype Technologies S.A.)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - "%1" %*
.cmd [@ = cmdfile] - "%1" %*
.com [@ = comfile] - "%1" %*
.exe [@ = exefile] - "%1" %*
.url [@ = InternetShortcut] - rundll32.exe ieframe.dll,OpenURL %l
.pif [@ = piffile] - "%1" %*
.scr [@ = scrfile] - "%1" /S

========== Winsock2 Catalogs ==========

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========

========== HKEY_CURRENT_USER Protocol Defaults ==========

========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM - IEProtocolHandler Class]
[05-30-2008 03:54 PM | 01,942,864 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = IBM ThinkPad Toetsenbord aanpassen
"{220C5102-2566-337F-9E9B-C81C5C761BA2}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - NLD
"{22B71A00-4DED-11D4-A5E5-0004AC564F43}" = IBM Access Connections
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31C2FBAC-67CF-4093-8F36-15A146613747}" = IBM Update Connector
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{53C020C2-8C1A-11D9-8BDE-F66BAD1E3F3A}" = EndNote 9 Volume License Edition
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{6846389C-BAC0-4374-808E-B120F86AF5D7}" = Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
"{6C72E14A-C1F3-45E5-8810-83CE3C19ED63}" = IBM 32-bit SDK for Java 2, v1.4.1
"{6CE96A14-61E2-48CC-837E-22710A953ADE}" = IBM Themes
"{72806716-7088-41B2-8FA6-717A2A164DAB}" = IBM Actief vaste-schijfbeschermingssysteem
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = IBM ThinkPad UltraNav-wizard
"{8745DEAB-1126-42F5-9585-C66D5497B47B}" = EMEA Wallpaper
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C788975-88ED-3C52-A188-6C944E9BD07D}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - NLD
"{91110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9816B8B8-4B53-4D3D-9235-AD931252001D}" = Windows Live Messenger
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = IBM Wireless LAN Adapters Software (11a/b, 11b/g, 11a/b/g)
"{A395750A-78D7-36D1-A59D-1A0B601D4BDC}" = Microsoft .NET Framework 3.5 Language Pack - nld
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{AC76BA86-7AD7-1043-7B44-A81200000003}" = Adobe Reader 8.1.2 - Nederlands
"{AC76BA86-7AD7-1043-7B44-A81200000003}_Adobe Reader 8.1.2 - Nederlands" = Adobe Reader 8.1.2 Security Update 1 (KB403742)
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B5599ECB-DA72-43EE-8A30-2C80396FF8BB}" = Access IBM
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{CF44C7A5-5705-41E4-BE84-A9A42977AB05}" = Access IBM Cleanup Utility
"{EA664480-3844-11D5-8C25-444553540000}" = IBM TrackPoint Toegankelijkheid
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FBD6A335-7E02-43B0-AF58-1B472F9BD3E1}" = Nokia PC Suite
"Access IBM Tools" = Access IBM Tools
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"ATI Display Driver" = ATI Display Driver
"EasyEject Utility" = IBM ThinkPad EasyEject
"FileZilla Client" = FileZilla Client 3.0.11.1
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{6C72E14A-C1F3-45E5-8810-83CE3C19ED63}" = IBM 32-bit SDK for Java 2, v1.4.1
"KB892130" = Windows Genuine Advantage Validation Tool (KB892130)
"KB923789" = Beveiligingsupdate voor Windows XP (KB923789)
"KB942763" = Update voor Windows XP (KB942763)
"KB950759" = Beveiligingsupdate voor Windows XP (KB950759)
"KB950760" = Beveiligingsupdate voor Windows XP (KB950760)
"KB950762" = Beveiligingsupdate voor Windows XP (KB950762)
"KB951376-v2" = Beveiligingsupdate voor Windows XP (KB951376-v2)
"KB951698" = Beveiligingsupdate voor Windows XP (KB951698)
"KB951748" = Beveiligingsupdate voor Windows XP (KB951748)
"KB951978" = Update voor Windows XP (KB951978)
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - nld" = Taalpakket voor Microsoft .NET Framework 3.5 - NL
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa2" = Picasa 2
"Power Features" = IBM ThinkPad Batterijwizard en Energiebeheer
"Power Management Driver" = IBM ThinkPad Power Management Driver
"Presentation Director" = IBM ThinkPad Presentation Director
"PROSet" = Intel® PRO Network Adapters and Drivers
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"SecureW2 Client" = SecureW2 Client 3.1.2
"Shockwave" = Shockwave
"SpeedUpMyPC_is1" = Uniblue SpeedUpMyPC 3
"SynTPDeinstKey" = IBM ThinkPad UltraNav Driver
"ThinkPad Configuration" = IBM ThinkPad Configuratie
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ThinkPadSoftwareInstaller" = ThinkPad Software Installer
"Van Dale Grote woordenboeken Engels" = Van Dale Grote woordenboeken Engels
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WGA" = Windows Genuine Advantage Validation Tool (KB892130)
"Windows XP Service Pack" = Windows XP Service Pack 3
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CGoban 3" = CGoban 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 24-8-2008 14:09:01 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

Error - 24-8-2008 16:07:06 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

Error - 25-8-2008 11:03:07 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

Error - 30-8-2008 10:33:03 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

Error - 30-8-2008 10:40:12 - Computer Name = MyComputerName - User Name = User SID not found - Source = Application Hang
Description = Vastgelopen toepassing: firefox.exe, versie: 1.9.0.3105, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 31-8-2008 10:08:12 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

Error - 1-9-2008 6:53:23 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

Error - 1-9-2008 7:41:00 - Computer Name = MyComputerName - User Name = User SID not found - Source = Application Error
Description = Vastgelopen toepassing: firefox.exe, versie: 1.9.0.3105, vastgelopen
module: unknown, versie: 0.0.0.0, vastgelopen op: 0x07985568.

Error - 1-9-2008 7:43:46 - Computer Name = MyComputerName - User Name = User SID not found - Source = Application Hang
Description = Vastgelopen toepassing: OTViewIt.exe, versie: 1.0.1.7, vastgelopen
module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

Error - 1-9-2008 8:48:27 - Computer Name = MyComputerName - User Name = User SID not found - Source = PerfNet
Description = Kan de Server-service niet openen. Prestatiegegevens van de server
zullen
niet worden geretourneerd. De geretourneerde foutcode is een DWORD 0-waarde.

[ Internet Explorer Events ]

[ Security Events ]

[ System Events ]
Error - 14-8-2008 12:22:40 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 14-8-2008 14:38:26 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 18-8-2008 18:31:41 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 20-8-2008 6:49:23 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 30-8-2008 12:13:51 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 30-8-2008 12:14:21 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 30-8-2008 12:14:51 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 30-8-2008 12:15:21 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 30-8-2008 12:15:51 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

Error - 30-8-2008 12:16:21 - Computer Name = MyComputerName - User Name = MyComputerName\MyName - Source = DCOM
Description = De server {0002DF01-0000-0000-C000-000000000046} heeft zich binnen
de vereiste termijn niet bij DCOM geregistreerd.

< End of report >

#13
rotterdam

Posted 01 September 2008 - 05:37 AM

Member

Topic Starter
Member
13 posts

It appears that i get the wrong logs..

I only get Extras.Txt and OTviewIt.Txt

Is there any way to get that fixed?

greets!

#14
Mike

Posted 01 September 2008 - 06:11 AM

Malware Monger

Retired Staff
2,745 posts

Hi there

Download RSIT you are running OTViewIt. On top of it you keep changing the files to search for to 90 days which I haven't asked for and it makes the log extremely long.

Opened at topic starters request

Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Edited by Mike, 01 September 2008 - 06:14 AM.

#15
rotterdam

Posted 01 September 2008 - 08:40 AM

Member

Topic Starter
Member
13 posts

hmm that was rather careless. Sorry. Better reading now... Here is the third try! the log file:

Logfile of random's system information tool (written by random/random)
Run by Myname at 2008-09-01 16:39:01
Microsoft Windows XP Professional Service Pack 3
System drive C: has 60 GB (79%) free of 76 GB
Total RAM: 767 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:02, on 1-9-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP3 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Myname\Bureaublad\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Myname.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [UC_Start] C:\IBMTools\Updater\ucstartup.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1214843449520
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

--
End of file - 7033 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\BMMTask.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3TRAY2"=C:\WINDOWS\system32\S3Tray2.exe [2001-10-12 69632]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-08-28 110592]
"TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2003-09-04 77824]
"TPHOTKEY"=C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe [2004-08-07 94208]
"BMMLREF"=C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE [2003-07-11 20480]
"QCTRAY"=C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE [2004-08-18 708608]
"QCWLICON"=C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE [2004-08-18 81920]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2003-09-02 897024]
"TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2002-09-04 53248]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2003-07-18 208896]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-06-27 88363]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2001-09-05 28672]
"UC_Start"=C:\IBMTools\Updater\ucstartup.exe [2003-03-18 32768]
"BMMGAG"=RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952]
"IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2001-09-07 44032]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"DataLayer"=C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [2005-09-06 820736]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Uniblue SpeedUpMyPC"=C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-01-29 9442584]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Uniblue RegistryBooster 2"=C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe [2008-07-08 1923352]
"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2003-09-12 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\QConGina]
C:\WINDOWS\system32\QConGina.dll [2004-08-18 258048]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\IBMTOOLS\Updater\ucsmb.exe"="C:\IBMTOOLS\Updater\ucsmb.exe:*:enabled:IBM Update Connector"
"C:\IBMTOOLS\Updater\jre\bin\java.exe"="C:\IBMTOOLS\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector"
"C:\IBMTOOLS\Updater\jre\bin\javaw.exe"="C:\IBMTOOLS\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Steam\steamapps\common\quake 3 arena demo\quake3.exe"="C:\Program Files\Steam\steamapps\common\quake 3 arena demo\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\IBMTOOLS\Updater\ucsmb.exe"="C:\IBMTOOLS\Updater\ucsmb.exe:*:enabled:IBM Update Connector"
"C:\IBMTOOLS\Updater\jre\bin\java.exe"="C:\IBMTOOLS\Updater\jre\bin\java.exe:*:enabled:IBM Update Connector"
"C:\IBMTOOLS\Updater\jre\bin\javaw.exe"="C:\IBMTOOLS\Updater\jre\bin\javaw.exe:*:enabled:IBM Update Connector"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

List of files/folders created in the last three months

2008-09-01 15:46:45 ----D---- C:\rsit
2008-08-24 18:24:36 ----D---- C:\pics flo
2008-08-23 16:26:24 ----D---- C:\Program Files\Sun
2008-08-23 16:26:13 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-23 16:26:13 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-23 16:26:13 ----A---- C:\WINDOWS\system32\java.exe
2008-08-23 16:19:04 ----D---- C:\Program Files\Java
2008-08-23 16:18:46 ----D---- C:\Program Files\Common Files\Java
2008-08-21 09:00:44 ----D---- C:\Program Files\Microsoft Silverlight
2008-08-18 11:06:51 ----D---- C:\VundoFix Backups
2008-08-18 11:06:51 ----A---- C:\VundoFix.txt
2008-08-18 11:02:03 ----D---- C:\Program Files\Trend Micro
2008-07-20 21:31:35 ----D---- C:\WINDOWS\WBEM
2008-07-20 21:29:16 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-07-20 21:28:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-07-20 20:46:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-07-20 20:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-07-20 20:29:48 ----D---- C:\Program Files\Windows Installer Clean Up
2008-07-20 20:29:25 ----D---- C:\Program Files\MSECACHE
2008-07-20 19:48:17 ----D---- C:\Documents and Settings\Myname\Application Data\Malwarebytes
2008-07-20 19:48:15 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-20 19:47:59 ----D---- C:\Program Files\Common Files\Download Manager
2008-07-20 19:25:57 ----D---- C:\Program Files\HijackThis
2008-07-20 19:15:29 ----D---- C:\Documents and Settings\Myname\Application Data\Help
2008-07-20 19:13:43 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-07-20 16:45:09 ----D---- C:\Documents and Settings\Myname\Application Data\Nokia
2008-07-20 16:41:35 ----D---- C:\Documents and Settings\Myname\Application Data\PC Suite
2008-07-20 16:39:37 ----D---- C:\Program Files\Common Files\PCSuite
2008-07-20 16:33:33 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
2008-07-20 16:31:50 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2008-07-20 16:31:43 ----D---- C:\Program Files\MSXML 6.0
2008-07-20 16:30:58 ----D---- C:\Program Files\Nokia
2008-07-20 16:30:57 ----D---- C:\Program Files\Common Files\Nokia
2008-07-20 16:30:20 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2008-07-15 10:28:07 ----D---- C:\Documents and Settings\Myname\Application Data\Ariane Software
2008-07-14 13:43:18 ----D---- C:\Documents and Settings\Myname\Application Data\OpenOffice.org2
2008-07-14 13:41:23 ----D---- C:\Program Files\OpenOffice.org 2.4
2008-07-12 19:31:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-07-12 19:31:15 ----D---- C:\Program Files\MSN Messenger
2008-07-12 17:31:18 ----D---- C:\Documents and Settings\Myname\Application Data\skypePM
2008-07-12 17:30:20 ----D---- C:\Documents and Settings\Myname\Application Data\Skype
2008-07-12 17:29:29 ----D---- C:\Program Files\Skype
2008-07-12 17:29:28 ----D---- C:\Program Files\Common Files\Skype
2008-07-12 17:29:18 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-12 12:43:04 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-07-12 12:42:40 ----D---- C:\Documents and Settings\Myname\Application Data\Logitech
2008-07-12 12:40:40 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-07-12 12:39:09 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2008-07-12 12:39:00 ----A---- C:\WINDOWS\system32\KemXML.dll
2008-07-12 12:39:00 ----A---- C:\WINDOWS\system32\kemutb.dll
2008-07-12 12:38:59 ----A---- C:\WINDOWS\system32\KemWnd.dll
2008-07-12 12:38:59 ----A---- C:\WINDOWS\system32\KemUtil.dll
2008-07-12 12:38:14 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2008-07-12 12:38:12 ----D---- C:\Program Files\Common Files\Logishrd
2008-07-12 12:38:01 ----D---- C:\Program Files\Logitech
2008-07-12 12:37:54 ----D---- C:\Documents and Settings\Myname\Application Data\InstallShield
2008-07-11 12:37:03 ----D---- C:\Documents and Settings\Myname\Application Data\Uniblue
2008-07-11 12:35:56 ----D---- C:\Program Files\Uniblue
2008-07-09 14:25:12 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2008-07-09 14:22:55 ----D---- C:\Program Files\MSBuild
2008-07-09 14:22:50 ----D---- C:\WINDOWS\system32\XPSViewer
2008-07-09 14:22:43 ----D---- C:\WINDOWS\system32\en-us
2008-07-09 14:22:42 ----D---- C:\Program Files\Reference Assemblies
2008-07-09 14:22:09 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-07-09 14:21:06 ----RSD---- C:\WINDOWS\assembly
2008-07-09 14:20:24 ----D---- C:\WINDOWS\Microsoft.NET
2008-07-09 11:58:03 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-07-09 11:58:03 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-07-09 11:58:03 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-07-09 11:58:03 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-07-09 11:58:03 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-07-09 11:58:03 ----N---- C:\WINDOWS\system32\px.dll
2008-07-09 11:56:44 ----D---- C:\Program Files\Picasa2
2008-07-08 09:13:40 ----D---- C:\Documents and Settings\Myname\Application Data\FileZilla
2008-07-08 09:12:48 ----D---- C:\Program Files\FileZilla FTP Client
2008-07-07 22:35:20 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-07-07 22:35:11 ----D---- C:\Documents and Settings\Myname\Application Data\InterVideo
2008-07-07 11:06:39 ----D---- C:\Documents and Settings\Myname\Application Data\EndNote
2008-07-05 10:05:39 ----D---- C:\Documents and Settings\Myname\Application Data\Google
2008-07-05 10:03:59 ----D---- C:\Program Files\Google
2008-07-04 10:15:45 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-07-04 10:15:45 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-07-04 10:15:44 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-07-04 10:15:43 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-07-04 10:15:34 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-07-04 10:15:28 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-07-04 10:15:28 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-07-04 10:15:28 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-07-04 10:15:16 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-07-04 10:14:56 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-07-04 10:14:55 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-07-04 10:14:55 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-07-04 10:14:55 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-07-04 10:14:55 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-07-04 10:14:54 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-07-04 10:14:53 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2008-07-04 10:14:52 ----A---- C:\WINDOWS\system32\c_iscii.dll
2008-07-04 10:14:50 ----A---- C:\WINDOWS\system32\kbdusa.dll
2008-07-04 10:14:46 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2008-07-03 14:12:13 ----D---- C:\Program Files\UPC
2008-07-02 22:52:31 ----D---- C:\Documents and Settings\Myname\Application Data\VanDale
2008-07-02 09:13:54 ----D---- C:\WINDOWS\pss
2008-07-01 18:39:18 ----D---- C:\Program Files\EndNote 9
2008-07-01 18:38:39 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-01 11:33:54 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-01 11:33:38 ----D---- C:\Program Files\Common Files\Adobe
2008-07-01 11:33:38 ----D---- C:\Program Files\Adobe
2008-07-01 11:12:45 ----D---- C:\Program Files\Alfa & Ariss
2008-07-01 09:19:08 ----A---- C:\WINDOWS\system32\muweb.dll
2008-07-01 09:19:08 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-07-01 09:19:07 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-07-01 08:32:31 ----D---- C:\WINDOWS\Sun
2008-07-01 04:22:58 ----ASH---- C:\Documents and Settings\Myname\Application Data\desktop.ini
2008-07-01 04:22:57 ----SD---- C:\Documents and Settings\Myname\Application Data\Microsoft
2008-07-01 04:22:57 ----D---- C:\Documents and Settings\Myname\Application Data\Symantec
2008-07-01 04:22:57 ----D---- C:\Documents and Settings\Myname\Application Data\Identities
2008-07-01 04:09:18 ----AH---- C:\BOOTLOG.TXT
2008-07-01 04:08:51 ----SHD---- C:\Recycled
2008-07-01 04:08:33 ----A---- C:\WINDOWS\smscfg.ini
2008-07-01 04:01:28 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-07-01 04:01:20 ----D---- C:\Program Files\Symantec
2008-07-01 04:01:18 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-01 04:00:37 ----D---- C:\icons
2008-07-01 04:00:15 ----D---- C:\Program Files\InterVideo
2008-07-01 03:59:41 ----D---- C:\Documents and Settings\All Users\Application Data\ibm
2008-07-01 03:59:19 ----D---- C:\WINDOWS\system32\thinkpad_features
2008-07-01 03:58:16 ----A---- C:\WINDOWS\Welcome.ini
2008-07-01 03:58:14 ----D---- C:\WINDOWS\system32\SBUtils
2008-07-01 03:58:14 ----D---- C:\Program Files\SBApps
2008-07-01 03:58:03 ----A---- C:\LOGFILE.txt
2008-07-01 03:57:42 ----A---- C:\WINDOWS\IsUninst.exe
2008-07-01 03:57:30 ----AH---- C:\AUTOEXEC.BAT
2008-07-01 03:54:25 ----D---- C:\Program Files\ATI Technologies
2008-07-01 03:54:15 ----D---- C:\Program Files\ltmoh
2008-07-01 03:54:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-07-01 03:54:09 ----D---- C:\WINDOWS\Options
2008-07-01 03:53:19 ----A---- C:\WINDOWS\system32\TP4HOOK.dll
2008-07-01 03:53:19 ----A---- C:\WINDOWS\system32\TP4EX.exe
2008-07-01 03:53:19 ----A---- C:\WINDOWS\system32\tp4cross.exe
2008-07-01 03:53:19 ----A---- C:\WINDOWS\system32\FPCALL.dll
2008-07-01 03:53:10 ----A---- C:\WINDOWS\system32\TpKmpSvc.exe
2008-07-01 03:52:26 ----A---- C:\WINDOWS\system32\tvt_gina_api.dll
2008-07-01 03:52:26 ----A---- C:\WINDOWS\system32\tvt_gina.dll
2008-07-01 03:52:26 ----A---- C:\WINDOWS\system32\QCONSVC.EXE
2008-07-01 03:52:26 ----A---- C:\WINDOWS\system32\QConGina.dll
2008-07-01 03:51:55 ----A---- C:\WINDOWS\system32\ssleay32.dll
2008-07-01 03:51:55 ----A---- C:\WINDOWS\system32\libeay32.dll
2008-07-01 03:51:55 ----A---- C:\WINDOWS\system32\athcfg11.dll
2008-07-01 03:51:55 ----A---- C:\WINDOWS\system32\acs.exe
2008-07-01 03:51:42 ----D---- C:\Program Files\IBM
2008-07-01 03:51:39 ----A---- C:\WINDOWS\system32\results.txt
2008-07-01 03:51:29 ----A---- C:\WINDOWS\system32\ATHCFG10.DLL
2008-07-01 03:51:29 ----A---- C:\WINDOWS\system32\AegisI5.exe
2008-07-01 03:51:29 ----A---- C:\WINDOWS\system32\AegisE5.dll
2008-07-01 03:51:05 ----A---- C:\WINDOWS\TPBATHLP.EXE
2008-07-01 03:51:04 ----A---- C:\WINDOWS\IsUn0413.exe
2008-07-01 03:50:53 ----A---- C:\WINDOWS\_tpiu000.exe
2008-07-01 03:50:12 ----D---- C:\Program Files\ThinkPad
2008-07-01 03:50:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-07-01 03:50:02 ----A---- C:\WINDOWS\system32\TpShocks.exe
2008-07-01 03:50:02 ----A---- C:\WINDOWS\system32\TpShCPL.dll
2008-07-01 03:50:02 ----A---- C:\WINDOWS\system32\Sensor.dll
2008-07-01 03:50:00 ----D---- C:\Program Files\Common Files\InstallShield
2008-07-01 03:46:34 ----D---- C:\WINDOWS\SoftwareDistribution
2008-07-01 03:41:01 ----A---- C:\WINDOWS\system32\comsdupd.exe
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\btpanui.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\bthserv.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\bthci.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\blastcln.exe
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\auditusr.exe
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ativtmxx.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2008-07-01 03:40:47 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\ieencode.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\httpapi.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\fwcfg.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\fsquirt.exe
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-07-01 03:40:46 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\mp4sdmod.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\mp43dmod.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdukx.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdno1.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdinben.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\ir50_32.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2008-07-01 03:40:45 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\xpob2res.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\s3gnb.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\powercfg.exe
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\p2psvc.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\p2p.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\mtxparhd.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2008-07-01 03:40:44 ----A---- C:\WINDOWS\system32\msdadiag.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\wmidx.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\wmerror.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\winshfhc.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\w3ssl.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\twext.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\strmfilt.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\smbinst.exe
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\slserv.exe
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\slrundll.exe
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\slgen.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\slextspk.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\slcoinst.dll
2008-07-01 03:40:43 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\xmlprov.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wups.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wshbth.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmspdmoe.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmpasf.dll
2008-07-01 03:40:42 ----A---- C:\WINDOWS\system32\wmp.dll
2008-07-01 03:40:41 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2008-07-01 03:40:41 ----A---- C:\WINDOWS\slrundll.exe
2008-07-01 03:40:40 ----D---- C:\WINDOWS\provisioning
2008-07-01 03:40:40 ----D---- C:\WINDOWS\peernet
2008-07-01 03:39:26 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-07-01 03:39:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-07-01 03:39:18 ----D---- C:\WINDOWS\EHome
2008-07-01 03:36:56 ----A---- C:\WINDOWS\system32\hccoin.dll
2008-07-01 03:35:42 ----D---- C:\Program Files\Synaptics
2008-07-01 02:34:22 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2008-07-01 02:33:28 ----D---- C:\DRIVERS
2008-07-01 02:08:10 ----AD---- C:\IBMTOOLS
2008-06-30 22:26:49 ----D---- C:\Documents and Settings\Myname\Application Data\Macromedia
2008-06-30 22:26:49 ----D---- C:\Documents and Settings\Myname\Application Data\Adobe
2008-06-30 21:59:55 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-30 21:59:37 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-30 21:23:44 ----D---- C:\WINDOWS\system32\appmgmt
2008-06-30 21:19:58 ----D---- C:\WINDOWS\system32\FxsTmp
2008-06-30 21:19:52 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2008-06-30 21:19:42 ----A---- C:\WINDOWS\system32\fxssend.exe
2008-06-30 21:19:42 ----A---- C:\WINDOWS\system32\fxsroute.dll
2008-06-30 21:19:42 ----A---- C:\WINDOWS\system32\fxsperf.ini
2008-06-30 21:19:42 ----A---- C:\WINDOWS\system32\fxsclntR.dll
2008-06-30 21:19:42 ----A---- C:\WINDOWS\system32\fxscfgwz.dll
2008-06-30 21:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-06-30 21:18:33 ----A---- C:\WINDOWS\system32\MRT.exe
2008-06-30 21:18:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-06-30 21:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2008-06-30 21:18:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-06-30 21:17:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-06-30 21:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-30 20:34:37 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-06-30 20:33:32 ----SHD---- C:\RECYCLER
2008-06-30 20:30:29 ----A---- C:\WINDOWS\vdgwwin.ini
2008-06-30 20:30:11 ----D---- C:\VanDale
2008-06-30 19:42:07 ----D---- C:\Documents and Settings\Myname\Application Data\Sun
2008-06-30 19:35:19 ----D---- C:\Documents and Settings\Myname\Application Data\Mozilla
2008-06-30 19:35:05 ----D---- C:\Program Files\Mozilla Firefox
2008-06-30 19:27:34 ----D---- C:\WINDOWS\Prefetch
2008-06-30 19:21:05 ----D---- C:\WINDOWS\system32\nl-nl
2008-06-30 19:21:03 ----D---- C:\WINDOWS\system32\nl
2008-06-30 19:21:03 ----D---- C:\WINDOWS\l2schemas
2008-06-30 19:21:02 ----D---- C:\WINDOWS\system32\bits
2008-06-30 19:16:42 ----D---- C:\WINDOWS\ServicePackFiles
2008-06-30 19:12:43 ----D---- C:\WINDOWS\network diagnostic
2008-06-30 19:07:43 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-06-30 18:41:20 ----A---- C:\WINDOWS\ODBC.INI
2008-06-30 18:41:03 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-06-30 18:39:31 ----D---- C:\Program Files\Microsoft.NET
2008-06-30 18:38:22 ----D---- C:\Program Files\Common Files\DESIGNER
2008-06-30 18:38:13 ----D---- C:\Program Files\Microsoft Works
2008-06-30 18:37:59 ----D---- C:\Program Files\Microsoft Visual Studio
2008-06-30 18:37:25 ----D---- C:\WINDOWS\SHELLNEW
2008-06-30 18:35:50 ----D---- C:\Program Files\Microsoft Office
2008-06-30 18:35:35 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-30 18:34:33 ----D---- C:\WINDOWS\system32\PreInstall
2008-06-30 18:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-06-30 18:34:30 ----HD---- C:\WINDOWS\$hf_mig$
2008-06-30 18:33:56 ----RHD---- C:\MSOCache
2008-06-30 18:31:43 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-06-30 18:31:43 ----A---- C:\WINDOWS\system32\wups2.dll
2008-06-30 18:31:42 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-06-30 18:31:42 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-06-30 18:31:41 ----A---- C:\WINDOWS\system32\wuapi.dll.mui

List of drivers

R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2004-08-18 11520]
R1 IBMTPCHK;IBMTPCHK; C:\WINDOWS\System32\drivers\IBMBLDID.SYS [2004-08-18 2432]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2003-07-03 14848]
R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2003-07-03 8830]
R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2004-06-10 16340]
R1 TPPWR;TPPWR; C:\WINDOWS\System32\drivers\Tppwr.sys [2003-07-11 15360]
R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2003-09-12 7168]
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-07-01 15781]
R2 PMEM;PMEM; \??\C:\WINDOWS\system32\drivers\PMEMNT.SYS []
R2 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2003-07-24 4225]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-07-03 100256]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-06-27 1196352]
R3 AR5211;Dual-band Wi-Fi Wireless Mini PCI Adapter; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2004-07-23 393408]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2003-09-12 596480]
R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2003-06-13 104448]
R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys [2004-02-26 11344]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-06 12288]
R3 NSCIRDA;Stuurprogramma voor NSC-infraroodapparaat; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN-minipoort (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-18 19584]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-28 578304]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-08-28 270288]
R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 P3;Stuurprogramma voor Intel PentiumIII-processor; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-14 46848]
S3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-18 96256]
S3 E100B;Intel® PRO Adapter-stuurprogramma; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2001-09-07 117760]
S3 LucentSoftModem;Lucent Technologies Soft Modem; C:\WINDOWS\System32\DRIVERS\LTSM.sys [2001-08-18 802683]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 msloop;Stuurprogramma voor Microsoft Loopback-adapter; C:\WINDOWS\System32\DRIVERS\loop.sys [2001-08-17 4992]
S3 QCNDISIF;QCNDISIF; C:\WINDOWS\System32\drivers\qcndisif.SYS [2004-08-18 12288]
S3 S3SSavage;S3SSavage; C:\WINDOWS\System32\DRIVERS\s3ssavm.sys [2001-11-01 95104]
S3 TwoTrack;Stuurprogramma voor IBM PS/2 TrackPoint Filter; C:\WINDOWS\System32\DRIVERS\TwoTrack.sys [2001-08-18 11520]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\System32\DRIVERS\agpCPQ.sys []
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\System32\DRIVERS\alim1541.sys []
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\System32\DRIVERS\amdagp.sys []
S4 cbidf;cbidf; C:\WINDOWS\system32\System32\DRIVERS\cbidf2k.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\System32\DRIVERS\intelide.sys []
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\System32\DRIVERS\sisagp.sys []
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\System32\DRIVERS\viaagp.sys []

List of services

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2003-09-12 323584]
R2 IBMPMSVC;IBM PM Service; C:\WINDOWS\System32\ibmpmsvc.exe [2004-02-26 57344]
R2 Irmon;Infraroodmonitor; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 QCONSVC;QCONSVC; C:\WINDOWS\System32\QCONSVC.EXE [2004-08-18 73728]
R2 SNMP;SNMP-service; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2003-07-12 32768]
R3 ACS;ACU Configuration Service; C:\WINDOWS\system32\acs.exe [2004-07-17 36864]
R3 usnjsvc;Messenger USN Journal Reader service voor Gedeelde mappen; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-05 137200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 LPDSVC;TCP/IP Print Server; C:\WINDOWS\System32\tcpsvcs.exe [2001-09-07 19456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;SNMP Trap-service; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

Edited by rotterdam, 01 September 2008 - 08:42 AM.