Tech Support Forum - View Single Post

slimsay · 10-13-2007, 08:07 AM

ComboFix 07-10-08.3 - randy 2007-10-12 2:22:04.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.174 [GMT -8:00]
Running from: C:\Documents and Settings\randy\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\randy\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-09-12 to 2007-10-12 )))))))))))))))))))))))))))))))
.

2007-10-12 01:25 <DIR> d-------- C:\Program Files\Norton Internet Security
2007-10-12 01:24 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-10-12 01:24 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-10-12 01:12 <DIR> d-------- C:\Program Files\Symantec
2007-10-10 09:47 <DIR> d-------- C:\Documents and Settings\randy\Application Data\BitDefender
2007-10-10 07:38 <DIR> d-------- C:\Documents and Settings\randy\Downloads
2007-10-10 01:18 <DIR> d-------- C:\Documents and Settings\randy\Application Data\CheckPoint
2007-10-10 01:17 <DIR> d-------- C:\Program Files\CheckPoint
2007-10-09 01:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-10-09 01:20 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-10-09 00:22 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-08 23:43 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-10-08 23:42 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-10-08 23:41 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-10-08 23:24 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-10-08 22:39 <DIR> d-------- C:\Program Files\CCleaner
2007-10-08 18:35 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-08 18:32 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-10-08 12:32 <DIR> d-------- C:\VundoFix Backups
2007-10-07 15:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2007-10-07 14:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2007-10-07 13:47 <DIR> d-------- C:\Documents and Settings\randy\Application Data\SiteAdvisor
2007-10-07 13:17 2,977,792 --------- C:\WINDOWS\UNNMP.exe
2007-10-07 13:13 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-10-07 13:10 2,977,792 --------- C:\WINDOWS\UNNeroVision.exe
2007-10-07 13:10 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2007-10-07 13:10 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2007-10-07 13:10 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2007-10-07 13:10 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll
2007-10-07 13:10 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2007-10-07 13:10 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-10-07 13:10 38,912 --------- C:\WINDOWS\system32\picn20.dll
2007-10-06 22:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-10-04 23:16 <DIR> d-------- C:\WINDOWS\config
2007-10-04 15:01 <DIR> d-------- C:\Documents and Settings\randy\Application Data\FogelSoft
2007-10-04 15:00 <DIR> d-------- C:\Documents and Settings\randy\Application Data\Opera
2007-10-03 23:36 <DIR> d-------- C:\Program Files\SuperBladePro
2007-10-03 22:35 <DIR> d-------- C:\Deckard
2007-10-03 22:07 0 --a------ C:\WINDOWS\nsreg.dat
2007-10-01 14:23 4,912 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-10-01 11:54 <DIR> d-------- C:\Program Files\Windows Live
2007-09-30 14:35 <DIR> d-------- C:\Program Files\ViStart_www.softarchive.net
2007-09-29 18:06 <DIR> d-------- C:\Program Files\XP Repair Pro 2007
2007-09-29 17:57 <DIR> d-------- C:\Program Files\XPRepairPro2006
2007-09-28 14:01 <DIR> d-------- C:\Documents and Settings\randy\Application Data\Leadertech
2007-09-28 01:35 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2007-09-27 00:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2007-09-26 18:59 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-09-26 18:53 <DIR> d-------- C:\Program Files\Windows Desktop Search
2007-09-26 18:52 192,000 -----c--- C:\WINDOWS\system32\dllcache\offfilt.dll
2007-09-26 18:52 98,304 -----c--- C:\WINDOWS\system32\dllcache\nlhtml.dll
2007-09-26 18:49 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-09-26 18:46 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2007-09-26 10:49 <DIR> d-------- C:\Documents and Settings\randy\Application Data\???????sAppData
2007-09-26 07:11 <DIR> d-------- C:\Program Files\Formosoft
2007-09-26 07:11 1,032,192 --a------ C:\WINDOWS\AquaReal.scr
2007-09-26 07:11 131,072 --a------ C:\WINDOWS\SNVerifyDLL.dll
2007-09-26 06:54 <DIR> d-------- C:\Program Files\3D Fish School 3
2007-09-26 06:54 4,770,816 --a------ C:\WINDOWS\3D Fish School 3.scr
2007-09-26 06:54 118,784 --a------ C:\WINDOWS\dx7ogl32.dll
2007-09-24 21:15 249,856 --------- C:\WINDOWS\Setup1.exe
2007-09-24 21:15 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-09-24 14:46 <DIR> d-------- C:\Program Files\AIMP2
2007-09-19 19:21 <DIR> d-------- C:\Program Files\Microsoft Encarta
2007-09-18 19:52 <DIR> d-------- C:\Documents and Settings\randy\Application Data\Symantec
2007-09-18 14:43 317,616 --a------ C:\WINDOWS\system32\drivers\srtspl.sys
2007-09-18 14:43 278,576 --a------ C:\WINDOWS\system32\drivers\srtsp.sys
2007-09-18 14:43 43,696 --a------ C:\WINDOWS\system32\drivers\srtspx.sys
2007-09-14 23:11 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-09-14 22:59 <DIR> d-------- C:\Program Files\MSBuild
2007-09-14 22:59 <DIR> d-------- C:\Program Files\Microsoft Works
2007-09-14 22:56 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-09-14 22:43 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2007-09-14 22:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-09-14 22:27 <DIR> d-------- C:\Program Files\PowerISO
2007-09-14 13:07 <DIR> d-------- C:\Program Files\Apple Software Update
2007-09-14 09:51 <DIR> d-------- C:\Program Files\Microsoft Silverlight

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-12 02:10 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-12 01:54 --------- d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-10-12 01:49 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-12 01:49 10740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k7
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k6
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k5
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k4
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k3
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k2
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k1
2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k0
2007-10-11 23:55 --------- d-------- C:\Documents and Settings\randy\Application Data\uTorrent
2007-10-10 16:31 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-10-08 00:26 --------- d-------- C:\Program Files\Trend Micro
2007-10-07 23:12 --------- d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2007-10-07 13:17 --------- d-------- C:\Program Files\Ahead
2007-10-07 13:09 --------- d-------- C:\Program Files\Common Files\Ahead
2007-10-04 15:01 --------- d-------- C:\Program Files\Windows Live Safety Center
2007-10-04 15:01 --------- d-------- C:\Program Files\OneStepSearch
2007-10-04 15:01 --------- d-------- C:\Documents and Settings\randy\Application Data\dvdcss
2007-10-04 15:01 --------- d-------- C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-10-01 14:40 72074 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-10-01 11:54 --------- d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-09-28 12:24 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-09-26 10:49 --------- d-------- C:\Documents and Settings\randy\Application Data\???????sAppData
2007-09-26 07:08 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-09-19 20:12 --------- d-------- C:\Program Files\Yahoo!
2007-09-19 20:12 --------- d-------- C:\Program Files\Common Files\Scanner
2007-09-18 23:37 --------- d-------- C:\Program Files\SUPERAntiSpyware
2007-09-18 23:37 --------- d-------- C:\Documents and Settings\randy\Application Data\SUPERAntiSpyware.com
2007-09-18 14:44 1430 --a------ C:\WINDOWS\system32\drivers\srtspl.inf
2007-09-18 14:44 1421 --a------ C:\WINDOWS\system32\drivers\srtspx.inf
2007-09-18 14:44 1415 --a------ C:\WINDOWS\system32\drivers\srtsp.inf
2007-09-18 14:44 10662 --a------ C:\WINDOWS\system32\drivers\srtspx.cat
2007-09-18 14:44 10662 --a------ C:\WINDOWS\system32\drivers\srtspl.cat
2007-09-18 14:44 10658 --a------ C:\WINDOWS\system32\drivers\srtsp.cat
2007-09-17 17:05 --------- d-------- C:\Documents and Settings\randy\Application Data\Apple Computer
2007-09-14 22:06 --------- d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-09-07 20:16 --------- d-------- C:\Documents and Settings\randy\Application Data\MSN6
2007-09-07 20:15 --------- d-------- C:\Documents and Settings\All Users\Application Data\MSN6
2007-09-03 09:18 --------- d-------- C:\Program Files\uTorrent
2007-08-29 15:16 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-08-29 13:42 --------- d-------- C:\Program Files\DivX
2007-08-29 13:02 --------- d-------- C:\Documents and Settings\randy\Application Data\Yahoo!
2007-08-29 13:02 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-08-27 23:16 --------- d-------- C:\Program Files\Common Files\Download Manager
2007-08-27 17:36 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-08-26 22:48 --------- d-------- C:\Program Files\Flash N Burn
2007-08-25 21:26 --------- d-------- C:\Documents and Settings\randy\Application Data\AIMP
2007-08-20 22:15 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-07-30 18:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 18:19 68440 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 18:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 18:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 18:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 18:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-30 18:19 207736 --a------ C:\WINDOWS\system32\muweb.dll
2007-07-30 18:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 18:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 18:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-26 15:06 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-26 15:06 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
.

((((((((((((((((((((((((((((( snapshot@2007-10-08_10.22.12.82 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\xpsp3res.dll
----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe
----a-w 124,928 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll
----a-w 214,528 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll
----a-w 132,608 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll
----a-w 63,488 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll
----a-w 70,656 2007-08-17 10:12:34 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
----a-w 153,088 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll
----a-w 230,400 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll
----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll
----a-w 2,455,488 2007-04-17 09:28:12 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat
----a-w 383,488 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll
----a-w 387,584 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll
----a-w 6,066,176 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
----a-w 44,544 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll
----a-w 267,776 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
----a-w 13,824 2007-08-17 10:12:35 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
----a-w 625,152 2007-08-17 10:12:49 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
----a-w 27,648 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll
----a-w 459,264 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll
----a-w 52,224 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll
----a-w 3,592,192 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
----a-w 478,208 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll
----a-w 193,024 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll
----a-w 671,232 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll
----a-w 102,400 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll
----a-w 105,984 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll
----a-w 1,161,728 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll
----a-w 232,960 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll
----a-w 825,344 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
----a-w 141,424 2006-08-24 16:28:54 C:\WINDOWS\Downloaded Program Files\asinst.dll
-c----w 124,928 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll
-c----w 214,528 2006-10-17 18:57:50 C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll
-c----w 132,608 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll
-c----w 61,952 2006-10-17 18:58:20 C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll
-c----w 63,488 2007-06-27 08:27:04 C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe
-c----w 153,088 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll
-c----w 230,400 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll
-c----w 161,792 2007-06-27 07:00:33 C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll
-c----w 383,488 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll
-c----w 384,512 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll
-c----w 6,058,496 2007-06-27 14:34:55 C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
-c----w 44,544 2007-06-27 14:34:55 C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll
-c----w 267,776 2007-06-27 14:34:55 C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
-c----w 13,824 2007-06-27 08:27:05 C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe
-c----w 625,152 2007-06-27 08:27:30 C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
-c----w 27,648 2007-06-27 14:34:56 C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll
-c----w 459,264 2007-06-27 14:34:56 C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll
-c----w 52,224 2007-06-27 14:34:56 C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll
-c----w 3,856,384 2007-07-19 06:59:59 C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll
-c----w 477,696 2007-06-27 14:34:57 C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll
-c----w 193,024 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll
-c----w 671,232 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll
-c----w 163,840 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll
-c----w 62,464 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\url.dll
-c----w 1,225,728 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll
-c----w 393,728 2007-06-27 14:34:59 C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll
-c----w 814,592 2007-06-27 14:34:59 C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
-c----w 213,216 2007-03-06 01:22:41 C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe
-c----w 371,424 2007-03-06 01:23:51 C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll
----a-r 1,165,584 2007-10-09 09:07:43 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
----a-r 20,240 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
----a-r 159,504 2007-10-09 09:07:43 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
----a-r 184,080 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
----a-r 217,864 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
----a-r 18,704 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
----a-r 35,088 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
----a-r 845,584 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
----a-r 922,384 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
----a-r 272,648 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
----a-r 888,080 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
----a-r 1,172,240 2007-10-09 09:07:43 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spmsg.dll
----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spuninst.exe
----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\rpcrt4.dll
----a-w 115,712 2007-06-13 06:53:14 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\xpsp3res.dll
----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\rpcrt4.dll
----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\xpsp3res.dll
----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\spcustom.dll
----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\update.exe
----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\spuninst.exe
----a-w 124,928 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\advpack.dll
----a-w 214,528 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\dxtrans.dll
----a-w 132,608 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\extmgr.dll
----a-w 63,488 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\icardie.dll
----a-w 63,488 2007-08-17 10:20:54 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ie4uinit.exe
----a-w 153,088 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieakeng.dll
----a-w 230,400 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieaksie.dll
----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieakui.dll
----a-w 383,488 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieapfltr.dll
----a-w 384,512 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iedkcs32.dll
----a-w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieframe.dll
----a-w 44,544 2007-08-20 10:04:38 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iernonce.dll
----a-w 267,776 2007-08-20 10:04:38 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iertutil.dll
----a-w 13,824 2007-08-17 10:20:54 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieudinit.exe
----a-w 625,152 2007-08-17 10:21:21 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iexplore.exe
----a-w 27,648 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\jsproxy.dll
----a-w 459,264 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msfeeds.dll
----a-w 52,224 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msfeedsbs.dll
----a-w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mshtml.dll
----a-w 477,696 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mshtmled.dll
----a-w 193,024 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msrating.dll
----a-w 671,232 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mstime.dll
----a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\occache.dll
----a-w 105,984 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\url.dll
----a-w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\urlmon.dll
----a-w 232,960 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\webcheck.dll
----a-w 824,832 2007-08-20 10:04:43 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\wininet.dll
----a-w 124,928 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\advpack.dll
----a-w 214,528 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\dxtrans.dll
----a-w 132,608 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\extmgr.dll
----a-w 63,488 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\icardie.dll
----a-w 70,656 2007-08-17 10:12:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ie4uinit.exe
----a-w 153,088 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieakeng.dll
----a-w 230,400 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieaksie.dll
----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieakui.dll
----a-w 2,455,488 2007-04-17 09:28:12 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieapfltr.dat
----a-w 383,488 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieapfltr.dll
----a-w 387,584 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iedkcs32.dll
----a-w 6,066,176 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieframe.dll
----a-w 44,544 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iernonce.dll
----a-w 267,776 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iertutil.dll
----a-w 13,824 2007-08-17 10:12:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieudinit.exe
----a-w 625,152 2007-08-17 10:12:49 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iexplore.exe
----a-w 27,648 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\jsproxy.dll
----a-w 459,264 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msfeeds.dll
----a-w 52,224 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msfeedsbs.dll
----a-w 3,592,192 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mshtml.dll
----a-w 478,208 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mshtmled.dll
----a-w 193,024 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msrating.dll
----a-w 671,232 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mstime.dll
----a-w 102,400 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\occache.dll
----a-w 105,984 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\url.dll
----a-w 1,161,728 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\urlmon.dll
----a-w 232,960 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\webcheck.dll
----a-w 825,344 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\wininet.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\updspapi.dll
----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spmsg.dll
----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spuninst.exe
----a-w 683,520 2007-08-21 06:15:44 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2gdr\inetcomm.dll
----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2qfe\inetcomm.dll
----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\spcustom.dll
----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\update.exe
----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\updspapi.dll
----a-w 124,928 2007-08-20 10:04:34 C:\WINDOWS\system32\advpack.dll
----a-w 73,728 2006-08-02 20:39:06 C:\WINDOWS\system32\asuninst.exe
----a-w 214,528 2007-08-20 10:04:34 C:\WINDOWS\system32\dxtrans.dll
----a-w 132,608 2007-08-20 10:04:34 C:\WINDOWS\system32\extmgr.dll
----a-w 63,488 2007-08-20 10:04:34 C:\WINDOWS\system32\icardie.dll
----a-w 63,488 2007-08-17 10:20:54 C:\WINDOWS\system32\ie4uinit.exe
----a-w 153,088 2007-08-20 10:04:34 C:\WINDOWS\system32\ieakeng.dll
----a-w 230,400 2007-08-20 10:04:35 C:\WINDOWS\system32\ieaksie.dll
----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\system32\ieakui.dll
----a-w 383,488 2007-08-20 10:04:35 C:\WINDOWS\system32\ieapfltr.dll
----a-w 384,512 2007-08-20 10:04:35 C:\WINDOWS\system32\iedkcs32.dll
----a-w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\system32\ieframe.dll
----a-w 44,544 2007-08-20 10:04:38 C:\WINDOWS\system32\iernonce.dll
----a-w 267,776 2007-08-20 10:04:38 C:\WINDOWS\system32\iertutil.dll
----a-w 13,824 2007-08-17 10:20:54 C:\WINDOWS\system32\ieudinit.exe
----a-w 135,168 2007-09-25 06:30:28 C:\WINDOWS\system32\java.exe
----a-w 135,168 2007-09-25 06:30:30 C:\WINDOWS\system32\javaw.exe
----a-w 139,264 2007-09-25 07:31:42 C:\WINDOWS\system32\javaws.exe
----a-w 27,648 2007-08-20 10:04:39 C:\WINDOWS\system32\jsproxy.dll
----a-w 18,089,592 2007-09-28 05:19:39 C:\WINDOWS\system32\MRT.exe
----a-w 459,264 2007-08-20 10:04:39 C:\WINDOWS\system32\msfeeds.dll
----a-w 52,224 2007-08-20 10:04:39 C:\WINDOWS\system32\msfeedsbs.dll
----a-w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\system32\mshtml.dll
----a-w 477,696 2007-08-20 10:04:41 C:\WINDOWS\system32\mshtmled.dll
----a-w 193,024 2007-08-20 10:04:41 C:\WINDOWS\system32\msrating.dll
----a-w 671,232 2007-08-20 10:04:42 C:\WINDOWS\system32\mstime.dll
----a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\system32\occache.dll
----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\system32\rpcrt4.dll
----a-w 613,056 2006-09-03 05:35:16 C:\WINDOWS\system32\SymNeti.dll
----a-w 239,808 2006-09-03 05:35:10 C:\WINDOWS\system32\SymRedir.dll
----a-w 105,984 2007-08-20 10:04:42 C:\WINDOWS\system32\url.dll
----a-w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\system32\urlmon.dll
----a-w 83,432 2007-09-07 00:14:04 C:\WINDOWS\system32\vsdata.dll
----a-w 395,080 2007-09-07 00:14:28 C:\WINDOWS\system32\vsdatant.sys
----a-w 46,568 2007-09-07 00:14:06 C:\WINDOWS\system32\vswmi.dll
----a-w 232,960 2007-08-20 10:04:42 C:\WINDOWS\system32\webcheck.dll
----a-w 824,832 2007-08-20 10:04:43 C:\WINDOWS\system32\wininet.dll
----a-w 115,712 2007-06-13 06:53:14 C:\WINDOWS\system32\xpsp3res.dll
----a-w 83,432 2007-09-07 00:14:06 C:\WINDOWS\system32\zlcomm.dll
----a-w 71,144 2007-09-07 00:14:08 C:\WINDOWS\system32\zlcommdb.dll
----a-w 11,776 2003-03-26 02:53:50 C:\WINDOWS\system32\ZPORT4AS.dll
----a-w 110,592 2007-03-29 17:20:50 C:\WINDOWS\system32\ActiveScan\as.dll
----a-w 233,472 2006-10-06 00:15:26 C:\WINDOWS\system32\ActiveScan\ascontrol.dll
----a-w 96,256 2005-06-03 22:03:18 C:\WINDOWS\system32\ActiveScan\asmdat.dll
----a-w 36,864 2003-08-01 19:00:16 C:\WINDOWS\system32\ActiveScan\certdll.dll
----a-w 86,016 2005-05-20 21:42:44 C:\WINDOWS\system32\ActiveScan\instlsp.dll
----a-w 4,608 2006-02-17 02:20:20 C:\WINDOWS\system32\ActiveScan\memvfile.dll
----a-w 348,160 2005-10-26 02:08:32 C:\WINDOWS\system32\ActiveScan\msvcr71.dll
----a-w 139,264 2004-05-04 23:01:02 C:\WINDOWS\system32\ActiveScan\pavaleas.dll
----a-w 45,056 2006-07-14 21:04:10 C:\WINDOWS\system32\ActiveScan\pavdr.exe
----a-w 159,832 2006-04-10 18:50:02 C:\WINDOWS\system32\ActiveScan\pavexcom.dll
----a-w 94,208 2006-02-14 21:05:38 C:\WINDOWS\system32\ActiveScan\pavinas.dll
----a-w 180,224 2006-02-17 02:35:38 C:\WINDOWS\system32\ActiveScan\pavoe.dll
----a-w 122,880 2006-10-06 00:15:38 C:\WINDOWS\system32\ActiveScan\pavpz.dll
----a-w 8,704 2006-06-30 22:13:38 C:\WINDOWS\system32\ActiveScan\pfdnnt.exe
----a-w 49,152 2004-02-04 22:08:42 C:\WINDOWS\system32\ActiveScan\port32.dll
----a-w 69,632 2006-08-01 21:23:10 C:\WINDOWS\system32\ActiveScan\pscpu.dll
----a-w 1,388,544 2006-08-23 21

08 C:\WINDOWS\system32\ActiveScan\pskahk.dll
----a-w 10,752 2006-08-17 19:38:14 C:\WINDOWS\system32\ActiveScan\pskalloc.dll
----a-w 61,440 2006-09-04 19:49:54 C:\WINDOWS\system32\ActiveScan\pskas.dll
----a-w 779,264 2006-08-18 16:46:18 C:\WINDOWS\system32\ActiveScan\pskavs.dll
----a-w 417,792 2007-03-26 22:25:34 C:\WINDOWS\system32\ActiveScan\pskcmp.dll
----a-w 90,112 2006-08-09 18:42:24 C:\WINDOWS\system32\ActiveScan\pskfss.dll
----a-w 208,896 2006-07-19 18:55:58 C:\WINDOWS\system32\ActiveScan\pskhtml.dll
----a-w 9,728 2006-01-21 00:57:00 C:\WINDOWS\system32\ActiveScan\pskmas.dll
----a-w 14,336 2006-05-17 17:50:12 C:\WINDOWS\system32\ActiveScan\pskmdfs.dll
----a-w 33,280 2006-08-16 18:58:12 C:\WINDOWS\system32\ActiveScan\pskpack.dll
----a-w 266,240 2006-06-30 22:42:36 C:\WINDOWS\system32\ActiveScan\pskscs.dll
----a-w 62,976 2006-08-17 22:33:14 C:\WINDOWS\system32\ActiveScan\pskutil.dll
----a-w 13,312 2006-08-08 21:13:10 C:\WINDOWS\system32\ActiveScan\pskvfile.dll
----a-w 69,632 2006-08-18 16:53:08 C:\WINDOWS\system32\ActiveScan\pskvfs.dll
----a-w 167,936 2006-08-18 16:49:50 C:\WINDOWS\system32\ActiveScan\pskvm.dll
----a-w 353,840 2007-04-19 01:16:04 C:\WINDOWS\system32\ActiveScan\psscan.dll
----a-w 35,328 2007-01-22 22:42:48 C:\WINDOWS\system32\ActiveScan\rawvfile.dll
----a-w 9,488 1997-09-18 14:12:32 C:\WINDOWS\system32\ActiveScan\sporder.dll
----a-w 69,632 2006-03-01 01:23:40 C:\WINDOWS\system32\ActiveScan\tcpvfile.dll
----a-w 16,384 2007-10-10 16:59:56 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
----a-w 32,768 2007-10-10 16:59:56 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-10-10 16:59:56 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
-c----w 124,928 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\advpack.dll
-c----w 214,528 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\dxtrans.dll
-c----w 132,608 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\extmgr.dll
-c----w 63,488 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\icardie.dll
-c----w 63,488 2007-08-17 10:20:54 C:\WINDOWS\system32\dllcache\ie4uinit.exe
-c----w 153,088 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\ieakeng.dll
-c----w 230,400 2007-08-20 10:04:35 C:\WINDOWS\system32\dllcache\ieaksie.dll
-c--a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\system32\dllcache\ieakui.dll
-c----w 383,488 2007-08-20 10:04:35 C:\WINDOWS\system32\dllcache\ieapfltr.dll
-c----w 384,512 2007-08-20 10:04:35 C:\WINDOWS\system32\dllcache\iedkcs32.dll
-c----w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\system32\dllcache\ieframe.dll
-c----w 44,544 2007-08-20 10:04:38 C:\WINDOWS\system32\dllcache\iernonce.dll
-c----w 267,776 2007-08-20 10:04:38 C:\WINDOWS\system32\dllcache\iertutil.dll
-c----w 13,824 2007-08-17 10:20:54 C:\WINDOWS\system32\dllcache\ieudinit.exe
-c--a-w 625,152 2007-08-17 10:21:21 C:\WINDOWS\system32\dllcache\iexplore.exe
-c----w 683,520 2007-08-21 06:15:44 C:\WINDOWS\system32\dllcache\inetcomm.dll
-c----w 27,648 2007-08-20 10:04:39 C:\WINDOWS\system32\dllcache\jsproxy.dll
-c----w 459,264 2007-08-20 10:04:39 C:\WINDOWS\system32\dllcache\msfeeds.dll
-c----w 52,224 2007-08-20 10:04:39 C:\WINDOWS\system32\dllcache\msfeedsbs.dll
-c----w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\system32\dllcache\mshtml.dll
-c----w 477,696 2007-08-20 10:04:41 C:\WINDOWS\system32\dllcache\mshtmled.dll
-c----w 193,024 2007-08-20 10:04:41 C:\WINDOWS\system32\dllcache\msrating.dll
-c----w 671,232 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\mstime.dll
-c--a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\occache.dll
-c----w 105,984 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\url.dll
-c----w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\urlmon.dll
-c----w 232,960 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\webcheck.dll
-c----w 824,832 2007-08-20 10:04:43 C:\WINDOWS\system32\dllcache\wininet.dll
----a-w 11,968 2006-09-03 05:34:34 C:\WINDOWS\system32\drivers\symdns.sys
----a-w 144,832 2006-09-03 05:34:42 C:\WINDOWS\system32\drivers\symfw.sys
----a-w 39,104 2006-09-03 05:34:50 C:\WINDOWS\system32\drivers\symids.sys
----a-w 33,216 2006-09-03 05:34:46 C:\WINDOWS\system32\drivers\symndis.sys
----a-w 36,032 2006-09-03 05:35:06 C:\WINDOWS\system32\drivers\symndisv.sys
----a-w 26,432 2006-09-03 05:34:56 C:\WINDOWS\system32\drivers\symredrv.sys
----a-w 186,048 2006-09-03 05:35:00 C:\WINDOWS\system32\drivers\symtdi.sys
.
----a-r 1,165,584 2007-09-19 18:40:11 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
----a-r 20,240 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
----a-r 159,504 2007-09-19 18:40:11 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
----a-r 184,080 2007-09-19 18:40:12 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
----a-r 217,864 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
----a-r 18,704 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
----a-r 35,088 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
----a-r 845,584 2007-09-19 18:40:14 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
----a-r 922,384 2007-09-19 18:40:14 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
----a-r 272,648 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
----a-r 888,080 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
----a-r 1,172,240 2007-09-19 18:40:11 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
----a-w 124,928 2007-06-27 14:34:51 C:\WINDOWS\system32\advpack.dll
----a-w 214,528 2006-10-17 18:57:50 C:\WINDOWS\system32\dxtrans.dll
----a-w 132,608 2007-06-27 14:34:51 C:\WINDOWS\system32\extmgr.dll
------w 61,952 2006-10-17 18:58:20 C:\WINDOWS\system32\icardie.dll
----a-w 63,488 2007-06-27 08:27:04 C:\WINDOWS\system32\ie4uinit.exe
----a-w 153,088 2007-06-27 14:34:51 C:\WINDOWS\system32\ieakeng.dll
----a-w 230,400 2007-06-27 14:34:51 C:\WINDOWS\system32\ieaksie.dll
----a-w 161,792 2007-06-27 07:00:33 C:\WINDOWS\system32\ieakui.dll
----a-w 383,488 2007-06-27 14:34:51 C:\WINDOWS\system32\ieapfltr.dll
----a-w 384,512 2007-06-27 14:34:51 C:\WINDOWS\system32\iedkcs32.dll
----a-w 6,058,496 2007-06-27 14:34:55 C:\WINDOWS\system32\ieframe.dll
----a-w 44,544 2007-06-27 14:34:55 C:\WINDOWS\system32\iernonce.dll
----a-w 267,776 2007-06-27 14:34:55 C:\WINDOWS\system32\iertutil.dll
----a-w 13,824 2007-06-27 08:27:05 C:\WINDOWS\system32\ieudinit.exe
----a-w 27,648 2007-06-27 14:34:56 C:\WINDOWS\system32\jsproxy.dll
----a-w 17,474,680 2007-09-06 02:50:42 C:\WINDOWS\system32\MRT.exe
----a-w 459,264 2007-06-27 14:34:56 C:\WINDOWS\system32\msfeeds.dll
----a-w 52,224 2007-06-27 14:34:56 C:\WINDOWS\system32\msfeedsbs.dll
----a-w 3,856,384 2007-07-19 06:59:59 C:\WINDOWS\system32\mshtml.dll
------w 477,696 2007-06-27 14:34:57 C:\WINDOWS\system32\mshtmled.dll
----a-w 193,024 2007-06-27 14:34:58 C:\WINDOWS\system32\msrating.dll
----a-w 671,232 2007-06-27 14:34:58 C:\WINDOWS\system32\mstime.dll
----a-w 163,840 2007-06-27 14:34:58 C:\WINDOWS\system32\occache.dll
----a-w 581,120 2004-08-04 07:56:46 C:\WINDOWS\system32\rpcrt4.dll
----a-w 624,784 2007-01-10 17:47:38 C:\WINDOWS\system32\SymNeti.dll
----a-w 242,320 2007-01-10 17:47:38 C:\WINDOWS\system32\SymRedir.dll
----a-w 62,464 2007-06-27 14:34:58 C:\WINDOWS\system32\url.dll
----a-w 1,225,728 2007-06-27 14:34:58 C:\WINDOWS\system32\urlmon.dll
----a-w 393,728 2007-06-27 14:34:59 C:\WINDOWS\system32\webcheck.dll
----a-w 814,592 2007-06-27 14:34:59 C:\WINDOWS\system32\wininet.dll
----a-w 115,200 2007-03-09 10:02:31 C:\WINDOWS\system32\xpsp3res.dll
----a-w 16,384 2007-10-08 01:07:11 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
----a-w 32,768 2007-10-08 01:07:11 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-10-08 01:07:11 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
-c----w 124,928 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\advpack.dll
-c----w 214,528 2006-10-17 18:57:50 C:\WINDOWS\system32\dllcache\dxtrans.dll
-c----w 132,608 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\extmgr.dll
-c----w 63,488 2007-06-27 08:27:04 C:\WINDOWS\system32\dllcache\ie4uinit.exe
-c----w 153,088 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\ieakeng.dll
-c----w 230,400 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\ieaksie.dll
-c--a-w 161,792 2007-06-27 07:00:33 C:\WINDOWS\system32\dllcache\ieakui.dll
-c----w 383,488 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\ieapfltr.dll
-c----w 384,512 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\iedkcs32.dll
-c----w 6,058,496 2007-06-27 14:34:55 C:\WINDOWS\system32\dllcache\ieframe.dll
-c----w 44,544 2007-06-27 14:34:55 C:\WINDOWS\system32\dllcache\iernonce.dll
-c----w 267,776 2007-06-27 14:34:55 C:\WINDOWS\system32\dllcache\iertutil.dll
-c----w 13,824 2007-06-27 08:27:05 C:\WINDOWS\system32\dllcache\ieudinit.exe
-c--a-w 625,152 2007-06-27 08:27:30 C:\WINDOWS\system32\dllcache\iexplore.exe
-c----w 683,520 2007-05-16 15:12:02 C:\WINDOWS\system32\dllcache\inetcomm.dll
-c----w 27,648 2007-06-27 14:34:56 C:\WINDOWS\system32\dllcache\jsproxy.dll
-c----w 459,264 2007-06-27 14:34:56 C:\WINDOWS\system32\dllcache\msfeeds.dll
-c----w 52,224 2007-06-27 14:34:56 C:\WINDOWS\system32\dllcache\msfeedsbs.dll
-c----w 3,583,488 2007-07-19 06:59:59 C:\WINDOWS\system32\dllcache\mshtml.dll
-c----w 477,696 2007-06-27 14:34:57 C:\WINDOWS\system32\dllcache\mshtmled.dll
-c----w 193,024 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\msrating.dll
-c----w 671,232 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\mstime.dll
-c--a-w 102,400 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\occache.dll
-c----w 105,984 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\url.dll
-c----w 1,152,000 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\urlmon.dll
-c----w 232,960 2007-06-27 14:34:59 C:\WINDOWS\system32\dllcache\webcheck.dll
-c----w 823,808 2007-06-27 14:34:59 C:\WINDOWS\system32\dllcache\wininet.dll
----a-w 12,984 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symdns.sys
----a-w 145,976 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symfw.sys
----a-w 40,120 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symids.sys
----a-w 35,256 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symndis.sys
----a-w 38,200 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symndisv.sys
----a-w 27,576 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symredrv.sys
----a-w 191,544 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symtdi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-08 02:33 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-03-11 16:33 C:\WINDOWS\system32\VTTrayp.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 15:22 C:\WINDOWS\soundman.exe]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" []
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" []
"cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 15:15]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 15:15]
"SMSERIAL"="sm56hlpr.exe" []
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" []
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-09-03 09:04]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-09-06 03:22]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 12:22]
"ViStart"="C:\Program Files\ViStart\ViStart.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\randy\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-06-27 18:56:26]
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=0 (0x0)
"NoPropertiesMyComputer"=0 (0x0)
"NoFileAssociate"=0 (0x0)
"NoSMHelp"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)
"NoTrayItemsDisplay"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
UmxWnp.Dll 2007-01-31 13:00 79368 C:\WINDOWS\system32\UmxWNP.dll

R0 KmxStart;KmxStart;C:\WINDOWS\system32\DRIVERS\kmxstart.sys
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys
R1 BIOS;BIOS;\??\C:\WINDOWS\System32\drivers\BIOS.sys
R1 KmxAgent;KmxAgent;C:\WINDOWS\system32\DRIVERS\kmxagent.sys
R1 KmxFile;KmxFile;C:\WINDOWS\system32\DRIVERS\KmxFile.sys
R1 KmxFw;KmxFw;C:\WINDOWS\system32\DRIVERS\kmxfw.sys
R2 KmxCF;KmxCF;C:\WINDOWS\system32\DRIVERS\KmxCF.sys
R2 KmxSbx;KmxSbx;C:\WINDOWS\system32\DRIVERS\KmxSbx.sys
R2 UmxAgent;HIPS Event Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe"
R2 UmxCfg;HIPS Configuration Interpreter;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe"
R2 UmxPol;HIPS Policy Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe"
R3 KmxCfg;KmxCfg;C:\WINDOWS\system32\DRIVERS\kmxcfg.sys
S3 BDSelfPr;BDSelfPr;\??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys
S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys
S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command - F:\CDStart.Exe
Install\Command - F:\Stub.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76ee0c80-657a-11dc-be68-00192167bb26}]
Auto\command - sxs.exe
AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc795e4-357f-11dc-bdbb-00192167bb26}]
AutoRun\command - F:\LaunchU3.exe -a

*Newly Created Service* - COMHOST
*Newly Created Service* - ERASERUTILREBOOTDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{21DB17A7-9EB9-0768-D9C5-22A71AD280F1}]
C:\WINDOWS\system32:svchost.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-09-14 21:08:39 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-10-12 09:36:59 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - randy.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
"2007-08-28 07:37:11 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-12 02:26:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32:svchost.exe 20480 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2007-10-12 2:29:48
C:\ComboFix-quarantined-files.txt ... 2007-10-12 02:29
C:\ComboFix2.txt ... 2007-10-10 09:34
C:\ComboFix3.txt ... 2007-10-08 12:25
.
--- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:04:29 AM, on 10/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

--
End of file - 11020 bytes

10-13-2007, 08:07 AM	#22 (permalink)
slimsay Registered User Join Date: Oct 2007 Posts: 53 OS: xp	Re: slimsay's thread ComboFix 07-10-08.3 - randy 2007-10-12 2:22:04.6 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.174 [GMT -8:00] Running from: C:\Documents and Settings\randy\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\randy\Desktop\CFScript.txt * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-09-12 to 2007-10-12 ))))))))))))))))))))))))))))))) . 2007-10-12 01:25 <DIR> d-------- C:\Program Files\Norton Internet Security 2007-10-12 01:24 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-10-12 01:24 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2007-10-12 01:12 <DIR> d-------- C:\Program Files\Symantec 2007-10-10 09:47 <DIR> d-------- C:\Documents and Settings\randy\Application Data\BitDefender 2007-10-10 07:38 <DIR> d-------- C:\Documents and Settings\randy\Downloads 2007-10-10 01:18 <DIR> d-------- C:\Documents and Settings\randy\Application Data\CheckPoint 2007-10-10 01:17 <DIR> d-------- C:\Program Files\CheckPoint 2007-10-09 01:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-10-09 01:20 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll 2007-10-09 00:22 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll 2007-10-08 23:43 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-10-08 23:42 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs 2007-10-08 23:41 <DIR> d-------- C:\WINDOWS\Internet Logs 2007-10-08 23:24 <DIR> d-------- C:\Program Files\SpywareBlaster 2007-10-08 22:39 <DIR> d-------- C:\Program Files\CCleaner 2007-10-08 18:35 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-08 18:32 <DIR> d-------- C:\WINDOWS\system32\ActiveScan 2007-10-08 12:32 <DIR> d-------- C:\VundoFix Backups 2007-10-07 15:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2007-10-07 14:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor 2007-10-07 13:47 <DIR> d-------- C:\Documents and Settings\randy\Application Data\SiteAdvisor 2007-10-07 13:17 2,977,792 --------- C:\WINDOWS\UNNMP.exe 2007-10-07 13:13 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe 2007-10-07 13:10 2,977,792 --------- C:\WINDOWS\UNNeroVision.exe 2007-10-07 13:10 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll 2007-10-07 13:10 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll 2007-10-07 13:10 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll 2007-10-07 13:10 364,544 --------- C:\WINDOWS\system32\TwnLib4.dll 2007-10-07 13:10 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll 2007-10-07 13:10 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll 2007-10-07 13:10 38,912 --------- C:\WINDOWS\system32\picn20.dll 2007-10-06 22:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2007-10-04 23:16 <DIR> d-------- C:\WINDOWS\config 2007-10-04 15:01 <DIR> d-------- C:\Documents and Settings\randy\Application Data\FogelSoft 2007-10-04 15:00 <DIR> d-------- C:\Documents and Settings\randy\Application Data\Opera 2007-10-03 23:36 <DIR> d-------- C:\Program Files\SuperBladePro 2007-10-03 22:35 <DIR> d-------- C:\Deckard 2007-10-03 22:07 0 --a------ C:\WINDOWS\nsreg.dat 2007-10-01 14:23 4,912 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd 2007-10-01 11:54 <DIR> d-------- C:\Program Files\Windows Live 2007-09-30 14:35 <DIR> d-------- C:\Program Files\ViStart_www.softarchive.net 2007-09-29 18:06 <DIR> d-------- C:\Program Files\XP Repair Pro 2007 2007-09-29 17:57 <DIR> d-------- C:\Program Files\XPRepairPro2006 2007-09-28 14:01 <DIR> d-------- C:\Documents and Settings\randy\Application Data\Leadertech 2007-09-28 01:35 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2007-09-27 00:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee 2007-09-26 18:59 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2007-09-26 18:53 <DIR> d-------- C:\Program Files\Windows Desktop Search 2007-09-26 18:52 192,000 -----c--- C:\WINDOWS\system32\dllcache\offfilt.dll 2007-09-26 18:52 98,304 -----c--- C:\WINDOWS\system32\dllcache\nlhtml.dll 2007-09-26 18:49 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2007-09-26 18:46 <DIR> d-------- C:\Program Files\Windows Live Toolbar 2007-09-26 10:49 <DIR> d-------- C:\Documents and Settings\randy\Application Data\???????sAppData 2007-09-26 07:11 <DIR> d-------- C:\Program Files\Formosoft 2007-09-26 07:11 1,032,192 --a------ C:\WINDOWS\AquaReal.scr 2007-09-26 07:11 131,072 --a------ C:\WINDOWS\SNVerifyDLL.dll 2007-09-26 06:54 <DIR> d-------- C:\Program Files\3D Fish School 3 2007-09-26 06:54 4,770,816 --a------ C:\WINDOWS\3D Fish School 3.scr 2007-09-26 06:54 118,784 --a------ C:\WINDOWS\dx7ogl32.dll 2007-09-24 21:15 249,856 --------- C:\WINDOWS\Setup1.exe 2007-09-24 21:15 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2007-09-24 14:46 <DIR> d-------- C:\Program Files\AIMP2 2007-09-19 19:21 <DIR> d-------- C:\Program Files\Microsoft Encarta 2007-09-18 19:52 <DIR> d-------- C:\Documents and Settings\randy\Application Data\Symantec 2007-09-18 14:43 317,616 --a------ C:\WINDOWS\system32\drivers\srtspl.sys 2007-09-18 14:43 278,576 --a------ C:\WINDOWS\system32\drivers\srtsp.sys 2007-09-18 14:43 43,696 --a------ C:\WINDOWS\system32\drivers\srtspx.sys 2007-09-14 23:11 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll 2007-09-14 22:59 <DIR> d-------- C:\Program Files\MSBuild 2007-09-14 22:59 <DIR> d-------- C:\Program Files\Microsoft Works 2007-09-14 22:56 <DIR> d-------- C:\Program Files\Microsoft.NET 2007-09-14 22:43 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8 2007-09-14 22:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2007-09-14 22:27 <DIR> d-------- C:\Program Files\PowerISO 2007-09-14 13:07 <DIR> d-------- C:\Program Files\Apple Software Update 2007-09-14 09:51 <DIR> d-------- C:\Program Files\Microsoft Silverlight . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-12 02:10 --------- d-------- C:\Program Files\Common Files\Symantec Shared 2007-10-12 01:54 --------- d-------- C:\Documents and Settings\All Users\Application Data\Symantec 2007-10-12 01:49 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF 2007-10-12 01:49 10740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k7 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k6 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k5 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k4 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k3 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k2 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k1 2007-10-12 01:20 64 --a------ C:\WINDOWS\system32\drivers\kmxcfg.u2k0 2007-10-11 23:55 --------- d-------- C:\Documents and Settings\randy\Application Data\uTorrent 2007-10-10 16:31 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-10-08 00:26 --------- d-------- C:\Program Files\Trend Micro 2007-10-07 23:12 --------- d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2007-10-07 13:17 --------- d-------- C:\Program Files\Ahead 2007-10-07 13:09 --------- d-------- C:\Program Files\Common Files\Ahead 2007-10-04 15:01 --------- d-------- C:\Program Files\Windows Live Safety Center 2007-10-04 15:01 --------- d-------- C:\Program Files\OneStepSearch 2007-10-04 15:01 --------- d-------- C:\Documents and Settings\randy\Application Data\dvdcss 2007-10-04 15:01 --------- d-------- C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller 2007-10-01 14:40 72074 --a------ C:\WINDOWS\BricoPackUninst.cmd 2007-10-01 11:54 --------- d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2007-09-28 12:24 --------- d-------- C:\Program Files\Windows Media Connect 2 2007-09-26 10:49 --------- d-------- C:\Documents and Settings\randy\Application Data\???????sAppData 2007-09-26 07:08 --------- d-------- C:\Program Files\Common Files\InstallShield 2007-09-19 20:12 --------- d-------- C:\Program Files\Yahoo! 2007-09-19 20:12 --------- d-------- C:\Program Files\Common Files\Scanner 2007-09-18 23:37 --------- d-------- C:\Program Files\SUPERAntiSpyware 2007-09-18 23:37 --------- d-------- C:\Documents and Settings\randy\Application Data\SUPERAntiSpyware.com 2007-09-18 14:44 1430 --a------ C:\WINDOWS\system32\drivers\srtspl.inf 2007-09-18 14:44 1421 --a------ C:\WINDOWS\system32\drivers\srtspx.inf 2007-09-18 14:44 1415 --a------ C:\WINDOWS\system32\drivers\srtsp.inf 2007-09-18 14:44 10662 --a------ C:\WINDOWS\system32\drivers\srtspx.cat 2007-09-18 14:44 10662 --a------ C:\WINDOWS\system32\drivers\srtspl.cat 2007-09-18 14:44 10658 --a------ C:\WINDOWS\system32\drivers\srtsp.cat 2007-09-17 17:05 --------- d-------- C:\Documents and Settings\randy\Application Data\Apple Computer 2007-09-14 22:06 --------- d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-09-07 20:16 --------- d-------- C:\Documents and Settings\randy\Application Data\MSN6 2007-09-07 20:15 --------- d-------- C:\Documents and Settings\All Users\Application Data\MSN6 2007-09-03 09:18 --------- d-------- C:\Program Files\uTorrent 2007-08-29 15:16 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys 2007-08-29 13:42 --------- d-------- C:\Program Files\DivX 2007-08-29 13:02 --------- d-------- C:\Documents and Settings\randy\Application Data\Yahoo! 2007-08-29 13:02 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! 2007-08-27 23:16 --------- d-------- C:\Program Files\Common Files\Download Manager 2007-08-27 17:36 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2007-08-26 22:48 --------- d-------- C:\Program Files\Flash N Burn 2007-08-25 21:26 --------- d-------- C:\Documents and Settings\randy\Application Data\AIMP 2007-08-20 22:15 683520 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-07-30 18:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 18:19 68440 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 18:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 18:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 18:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 18:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 18:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 18:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 18:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 18:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-26 15:06 200704 --a------ C:\WINDOWS\system32\ssldivx.dll 2007-07-26 15:06 1044480 --a------ C:\WINDOWS\system32\libdivx.dll . ((((((((((((((((((((((((((((( snapshot@2007-10-08_10.22.12.82 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll ----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe ----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll ----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\xpsp3res.dll ----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll ----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe ----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll ----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll ----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe ----a-w 124,928 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll ----a-w 214,528 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll ----a-w 132,608 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll ----a-w 63,488 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll ----a-w 70,656 2007-08-17 10:12:34 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe ----a-w 153,088 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll ----a-w 230,400 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll ----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll ----a-w 2,455,488 2007-04-17 09:28:12 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat ----a-w 383,488 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll ----a-w 387,584 2007-08-20 10:02:09 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll ----a-w 6,066,176 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll ----a-w 44,544 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll ----a-w 267,776 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll ----a-w 13,824 2007-08-17 10:12:35 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe ----a-w 625,152 2007-08-17 10:12:49 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe ----a-w 27,648 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll ----a-w 459,264 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll ----a-w 52,224 2007-08-20 10:02:10 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll ----a-w 3,592,192 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll ----a-w 478,208 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll ----a-w 193,024 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll ----a-w 671,232 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll ----a-w 102,400 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll ----a-w 105,984 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll ----a-w 1,161,728 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll ----a-w 232,960 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll ----a-w 825,344 2007-08-20 10:02:11 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll ----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll ----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe ----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll ----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll ----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe ----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll ----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll ----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe ----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll ----a-w 141,424 2006-08-24 16:28:54 C:\WINDOWS\Downloaded Program Files\asinst.dll -c----w 124,928 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll -c----w 214,528 2006-10-17 18:57:50 C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll -c----w 132,608 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll -c----w 61,952 2006-10-17 18:58:20 C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll -c----w 63,488 2007-06-27 08:27:04 C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe -c----w 153,088 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll -c----w 230,400 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll -c----w 161,792 2007-06-27 07:00:33 C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll -c----w 383,488 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll -c----w 384,512 2007-06-27 14:34:51 C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll -c----w 6,058,496 2007-06-27 14:34:55 C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll -c----w 44,544 2007-06-27 14:34:55 C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll -c----w 267,776 2007-06-27 14:34:55 C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll -c----w 13,824 2007-06-27 08:27:05 C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe -c----w 625,152 2007-06-27 08:27:30 C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe -c----w 27,648 2007-06-27 14:34:56 C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll -c----w 459,264 2007-06-27 14:34:56 C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll -c----w 52,224 2007-06-27 14:34:56 C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll -c----w 3,856,384 2007-07-19 06:59:59 C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll -c----w 477,696 2007-06-27 14:34:57 C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll -c----w 193,024 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll -c----w 671,232 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll -c----w 163,840 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll -c----w 62,464 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\url.dll -c----w 1,225,728 2007-06-27 14:34:58 C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll -c----w 393,728 2007-06-27 14:34:59 C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll -c----w 814,592 2007-06-27 14:34:59 C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll -c----w 213,216 2007-03-06 01:22:41 C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe -c----w 371,424 2007-03-06 01:23:51 C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll ----a-r 1,165,584 2007-10-09 09:07:43 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ----a-r 20,240 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ----a-r 159,504 2007-10-09 09:07:43 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ----a-r 184,080 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ----a-r 217,864 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ----a-r 18,704 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe ----a-r 35,088 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ----a-r 845,584 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ----a-r 922,384 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ----a-r 272,648 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ----a-r 888,080 2007-10-09 09:07:44 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ----a-r 1,172,240 2007-10-09 09:07:43 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ----a-w 14,048 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spmsg.dll ----a-w 213,216 2005-10-12 23:12:26 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\spuninst.exe ----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\rpcrt4.dll ----a-w 115,712 2007-06-13 06:53:14 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2GDR\xpsp3res.dll ----a-w 582,656 2007-07-09 13:16:16 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\rpcrt4.dll ----a-w 350,720 2007-06-19 07:24:36 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\SP2QFE\xpsp3res.dll ----a-w 22,752 2005-10-12 23:12:25 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\spcustom.dll ----a-w 716,000 2005-10-12 23:12:28 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\update.exe ----a-w 371,424 2005-10-12 23:12:33 C:\WINDOWS\SoftwareDistribution\Download\28d74bdac17e30d3a4336176766f2e4a\update\updspapi.dll ----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\spmsg.dll ----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\spuninst.exe ----a-w 124,928 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\advpack.dll ----a-w 214,528 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\dxtrans.dll ----a-w 132,608 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\extmgr.dll ----a-w 63,488 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\icardie.dll ----a-w 63,488 2007-08-17 10:20:54 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ie4uinit.exe ----a-w 153,088 2007-08-20 10:04:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieakeng.dll ----a-w 230,400 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieaksie.dll ----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieakui.dll ----a-w 383,488 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieapfltr.dll ----a-w 384,512 2007-08-20 10:04:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iedkcs32.dll ----a-w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieframe.dll ----a-w 44,544 2007-08-20 10:04:38 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iernonce.dll ----a-w 267,776 2007-08-20 10:04:38 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iertutil.dll ----a-w 13,824 2007-08-17 10:20:54 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\ieudinit.exe ----a-w 625,152 2007-08-17 10:21:21 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\iexplore.exe ----a-w 27,648 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\jsproxy.dll ----a-w 459,264 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msfeeds.dll ----a-w 52,224 2007-08-20 10:04:39 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msfeedsbs.dll ----a-w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mshtml.dll ----a-w 477,696 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mshtmled.dll ----a-w 193,024 2007-08-20 10:04:41 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\msrating.dll ----a-w 671,232 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\mstime.dll ----a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\occache.dll ----a-w 105,984 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\url.dll ----a-w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\urlmon.dll ----a-w 232,960 2007-08-20 10:04:42 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\webcheck.dll ----a-w 824,832 2007-08-20 10:04:43 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2gdr\wininet.dll ----a-w 124,928 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\advpack.dll ----a-w 214,528 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\dxtrans.dll ----a-w 132,608 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\extmgr.dll ----a-w 63,488 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\icardie.dll ----a-w 70,656 2007-08-17 10:12:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ie4uinit.exe ----a-w 153,088 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieakeng.dll ----a-w 230,400 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieaksie.dll ----a-w 161,792 2007-08-17 07:29:55 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieakui.dll ----a-w 2,455,488 2007-04-17 09:28:12 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieapfltr.dat ----a-w 383,488 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieapfltr.dll ----a-w 387,584 2007-08-20 10:02:09 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iedkcs32.dll ----a-w 6,066,176 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieframe.dll ----a-w 44,544 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iernonce.dll ----a-w 267,776 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iertutil.dll ----a-w 13,824 2007-08-17 10:12:35 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\ieudinit.exe ----a-w 625,152 2007-08-17 10:12:49 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\iexplore.exe ----a-w 27,648 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\jsproxy.dll ----a-w 459,264 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msfeeds.dll ----a-w 52,224 2007-08-20 10:02:10 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msfeedsbs.dll ----a-w 3,592,192 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mshtml.dll ----a-w 478,208 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mshtmled.dll ----a-w 193,024 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\msrating.dll ----a-w 671,232 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\mstime.dll ----a-w 102,400 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\occache.dll ----a-w 105,984 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\url.dll ----a-w 1,161,728 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\urlmon.dll ----a-w 232,960 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\webcheck.dll ----a-w 825,344 2007-08-20 10:02:11 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\sp2qfe\wininet.dll ----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\spcustom.dll ----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\update.exe ----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\6915af3cf644e553ca6da8ed6ca50d4f\update\updspapi.dll ----a-w 14,048 2007-03-06 01:22:36 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spmsg.dll ----a-w 213,216 2007-03-06 01:22:41 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\spuninst.exe ----a-w 683,520 2007-08-21 06:15:44 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2gdr\inetcomm.dll ----a-w 683,520 2007-08-21 06:25:02 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\sp2qfe\inetcomm.dll ----a-w 22,752 2007-03-06 01:22:34 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\spcustom.dll ----a-w 716,000 2007-03-06 01:22:59 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\update.exe ----a-w 371,424 2007-03-06 01:23:51 C:\WINDOWS\SoftwareDistribution\Download\8c426bb59cb8f380ba397304c1c563d0\update\updspapi.dll ----a-w 124,928 2007-08-20 10:04:34 C:\WINDOWS\system32\advpack.dll ----a-w 73,728 2006-08-02 20:39:06 C:\WINDOWS\system32\asuninst.exe ----a-w 214,528 2007-08-20 10:04:34 C:\WINDOWS\system32\dxtrans.dll ----a-w 132,608 2007-08-20 10:04:34 C:\WINDOWS\system32\extmgr.dll ----a-w 63,488 2007-08-20 10:04:34 C:\WINDOWS\system32\icardie.dll ----a-w 63,488 2007-08-17 10:20:54 C:\WINDOWS\system32\ie4uinit.exe ----a-w 153,088 2007-08-20 10:04:34 C:\WINDOWS\system32\ieakeng.dll ----a-w 230,400 2007-08-20 10:04:35 C:\WINDOWS\system32\ieaksie.dll ----a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\system32\ieakui.dll ----a-w 383,488 2007-08-20 10:04:35 C:\WINDOWS\system32\ieapfltr.dll ----a-w 384,512 2007-08-20 10:04:35 C:\WINDOWS\system32\iedkcs32.dll ----a-w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\system32\ieframe.dll ----a-w 44,544 2007-08-20 10:04:38 C:\WINDOWS\system32\iernonce.dll ----a-w 267,776 2007-08-20 10:04:38 C:\WINDOWS\system32\iertutil.dll ----a-w 13,824 2007-08-17 10:20:54 C:\WINDOWS\system32\ieudinit.exe ----a-w 135,168 2007-09-25 06:30:28 C:\WINDOWS\system32\java.exe ----a-w 135,168 2007-09-25 06:30:30 C:\WINDOWS\system32\javaw.exe ----a-w 139,264 2007-09-25 07:31:42 C:\WINDOWS\system32\javaws.exe ----a-w 27,648 2007-08-20 10:04:39 C:\WINDOWS\system32\jsproxy.dll ----a-w 18,089,592 2007-09-28 05:19:39 C:\WINDOWS\system32\MRT.exe ----a-w 459,264 2007-08-20 10:04:39 C:\WINDOWS\system32\msfeeds.dll ----a-w 52,224 2007-08-20 10:04:39 C:\WINDOWS\system32\msfeedsbs.dll ----a-w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\system32\mshtml.dll ----a-w 477,696 2007-08-20 10:04:41 C:\WINDOWS\system32\mshtmled.dll ----a-w 193,024 2007-08-20 10:04:41 C:\WINDOWS\system32\msrating.dll ----a-w 671,232 2007-08-20 10:04:42 C:\WINDOWS\system32\mstime.dll ----a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\system32\occache.dll ----a-w 584,192 2007-07-09 13:09:42 C:\WINDOWS\system32\rpcrt4.dll ----a-w 613,056 2006-09-03 05:35:16 C:\WINDOWS\system32\SymNeti.dll ----a-w 239,808 2006-09-03 05:35:10 C:\WINDOWS\system32\SymRedir.dll ----a-w 105,984 2007-08-20 10:04:42 C:\WINDOWS\system32\url.dll ----a-w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\system32\urlmon.dll ----a-w 83,432 2007-09-07 00:14:04 C:\WINDOWS\system32\vsdata.dll ----a-w 395,080 2007-09-07 00:14:28 C:\WINDOWS\system32\vsdatant.sys ----a-w 46,568 2007-09-07 00:14:06 C:\WINDOWS\system32\vswmi.dll ----a-w 232,960 2007-08-20 10:04:42 C:\WINDOWS\system32\webcheck.dll ----a-w 824,832 2007-08-20 10:04:43 C:\WINDOWS\system32\wininet.dll ----a-w 115,712 2007-06-13 06:53:14 C:\WINDOWS\system32\xpsp3res.dll ----a-w 83,432 2007-09-07 00:14:06 C:\WINDOWS\system32\zlcomm.dll ----a-w 71,144 2007-09-07 00:14:08 C:\WINDOWS\system32\zlcommdb.dll ----a-w 11,776 2003-03-26 02:53:50 C:\WINDOWS\system32\ZPORT4AS.dll ----a-w 110,592 2007-03-29 17:20:50 C:\WINDOWS\system32\ActiveScan\as.dll ----a-w 233,472 2006-10-06 00:15:26 C:\WINDOWS\system32\ActiveScan\ascontrol.dll ----a-w 96,256 2005-06-03 22:03:18 C:\WINDOWS\system32\ActiveScan\asmdat.dll ----a-w 36,864 2003-08-01 19:00:16 C:\WINDOWS\system32\ActiveScan\certdll.dll ----a-w 86,016 2005-05-20 21:42:44 C:\WINDOWS\system32\ActiveScan\instlsp.dll ----a-w 4,608 2006-02-17 02:20:20 C:\WINDOWS\system32\ActiveScan\memvfile.dll ----a-w 348,160 2005-10-26 02:08:32 C:\WINDOWS\system32\ActiveScan\msvcr71.dll ----a-w 139,264 2004-05-04 23:01:02 C:\WINDOWS\system32\ActiveScan\pavaleas.dll ----a-w 45,056 2006-07-14 21:04:10 C:\WINDOWS\system32\ActiveScan\pavdr.exe ----a-w 159,832 2006-04-10 18:50:02 C:\WINDOWS\system32\ActiveScan\pavexcom.dll ----a-w 94,208 2006-02-14 21:05:38 C:\WINDOWS\system32\ActiveScan\pavinas.dll ----a-w 180,224 2006-02-17 02:35:38 C:\WINDOWS\system32\ActiveScan\pavoe.dll ----a-w 122,880 2006-10-06 00:15:38 C:\WINDOWS\system32\ActiveScan\pavpz.dll ----a-w 8,704 2006-06-30 22:13:38 C:\WINDOWS\system32\ActiveScan\pfdnnt.exe ----a-w 49,152 2004-02-04 22:08:42 C:\WINDOWS\system32\ActiveScan\port32.dll ----a-w 69,632 2006-08-01 21:23:10 C:\WINDOWS\system32\ActiveScan\pscpu.dll ----a-w 1,388,544 2006-08-23 2108 C:\WINDOWS\system32\ActiveScan\pskahk.dll ----a-w 10,752 2006-08-17 19:38:14 C:\WINDOWS\system32\ActiveScan\pskalloc.dll ----a-w 61,440 2006-09-04 19:49:54 C:\WINDOWS\system32\ActiveScan\pskas.dll ----a-w 779,264 2006-08-18 16:46:18 C:\WINDOWS\system32\ActiveScan\pskavs.dll ----a-w 417,792 2007-03-26 22:25:34 C:\WINDOWS\system32\ActiveScan\pskcmp.dll ----a-w 90,112 2006-08-09 18:42:24 C:\WINDOWS\system32\ActiveScan\pskfss.dll ----a-w 208,896 2006-07-19 18:55:58 C:\WINDOWS\system32\ActiveScan\pskhtml.dll ----a-w 9,728 2006-01-21 00:57:00 C:\WINDOWS\system32\ActiveScan\pskmas.dll ----a-w 14,336 2006-05-17 17:50:12 C:\WINDOWS\system32\ActiveScan\pskmdfs.dll ----a-w 33,280 2006-08-16 18:58:12 C:\WINDOWS\system32\ActiveScan\pskpack.dll ----a-w 266,240 2006-06-30 22:42:36 C:\WINDOWS\system32\ActiveScan\pskscs.dll ----a-w 62,976 2006-08-17 22:33:14 C:\WINDOWS\system32\ActiveScan\pskutil.dll ----a-w 13,312 2006-08-08 21:13:10 C:\WINDOWS\system32\ActiveScan\pskvfile.dll ----a-w 69,632 2006-08-18 16:53:08 C:\WINDOWS\system32\ActiveScan\pskvfs.dll ----a-w 167,936 2006-08-18 16:49:50 C:\WINDOWS\system32\ActiveScan\pskvm.dll ----a-w 353,840 2007-04-19 01:16:04 C:\WINDOWS\system32\ActiveScan\psscan.dll ----a-w 35,328 2007-01-22 22:42:48 C:\WINDOWS\system32\ActiveScan\rawvfile.dll ----a-w 9,488 1997-09-18 14:12:32 C:\WINDOWS\system32\ActiveScan\sporder.dll ----a-w 69,632 2006-03-01 01:23:40 C:\WINDOWS\system32\ActiveScan\tcpvfile.dll ----a-w 16,384 2007-10-10 16:59:56 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 32,768 2007-10-10 16:59:56 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ----a-w 32,768 2007-10-10 16:59:56 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat -c----w 124,928 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\advpack.dll -c----w 214,528 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\dxtrans.dll -c----w 132,608 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\extmgr.dll -c----w 63,488 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\icardie.dll -c----w 63,488 2007-08-17 10:20:54 C:\WINDOWS\system32\dllcache\ie4uinit.exe -c----w 153,088 2007-08-20 10:04:34 C:\WINDOWS\system32\dllcache\ieakeng.dll -c----w 230,400 2007-08-20 10:04:35 C:\WINDOWS\system32\dllcache\ieaksie.dll -c--a-w 161,792 2007-08-17 07:34:25 C:\WINDOWS\system32\dllcache\ieakui.dll -c----w 383,488 2007-08-20 10:04:35 C:\WINDOWS\system32\dllcache\ieapfltr.dll -c----w 384,512 2007-08-20 10:04:35 C:\WINDOWS\system32\dllcache\iedkcs32.dll -c----w 6,058,496 2007-08-20 10:04:37 C:\WINDOWS\system32\dllcache\ieframe.dll -c----w 44,544 2007-08-20 10:04:38 C:\WINDOWS\system32\dllcache\iernonce.dll -c----w 267,776 2007-08-20 10:04:38 C:\WINDOWS\system32\dllcache\iertutil.dll -c----w 13,824 2007-08-17 10:20:54 C:\WINDOWS\system32\dllcache\ieudinit.exe -c--a-w 625,152 2007-08-17 10:21:21 C:\WINDOWS\system32\dllcache\iexplore.exe -c----w 683,520 2007-08-21 06:15:44 C:\WINDOWS\system32\dllcache\inetcomm.dll -c----w 27,648 2007-08-20 10:04:39 C:\WINDOWS\system32\dllcache\jsproxy.dll -c----w 459,264 2007-08-20 10:04:39 C:\WINDOWS\system32\dllcache\msfeeds.dll -c----w 52,224 2007-08-20 10:04:39 C:\WINDOWS\system32\dllcache\msfeedsbs.dll -c----w 3,584,512 2007-08-20 10:04:41 C:\WINDOWS\system32\dllcache\mshtml.dll -c----w 477,696 2007-08-20 10:04:41 C:\WINDOWS\system32\dllcache\mshtmled.dll -c----w 193,024 2007-08-20 10:04:41 C:\WINDOWS\system32\dllcache\msrating.dll -c----w 671,232 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\mstime.dll -c--a-w 102,400 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\occache.dll -c----w 105,984 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\url.dll -c----w 1,152,000 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\urlmon.dll -c----w 232,960 2007-08-20 10:04:42 C:\WINDOWS\system32\dllcache\webcheck.dll -c----w 824,832 2007-08-20 10:04:43 C:\WINDOWS\system32\dllcache\wininet.dll ----a-w 11,968 2006-09-03 05:34:34 C:\WINDOWS\system32\drivers\symdns.sys ----a-w 144,832 2006-09-03 05:34:42 C:\WINDOWS\system32\drivers\symfw.sys ----a-w 39,104 2006-09-03 05:34:50 C:\WINDOWS\system32\drivers\symids.sys ----a-w 33,216 2006-09-03 05:34:46 C:\WINDOWS\system32\drivers\symndis.sys ----a-w 36,032 2006-09-03 05:35:06 C:\WINDOWS\system32\drivers\symndisv.sys ----a-w 26,432 2006-09-03 05:34:56 C:\WINDOWS\system32\drivers\symredrv.sys ----a-w 186,048 2006-09-03 05:35:00 C:\WINDOWS\system32\drivers\symtdi.sys . ----a-r 1,165,584 2007-09-19 18:40:11 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ----a-r 20,240 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ----a-r 159,504 2007-09-19 18:40:11 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ----a-r 184,080 2007-09-19 18:40:12 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ----a-r 217,864 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ----a-r 18,704 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe ----a-r 35,088 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ----a-r 845,584 2007-09-19 18:40:14 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ----a-r 922,384 2007-09-19 18:40:14 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ----a-r 272,648 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ----a-r 888,080 2007-09-19 18:40:15 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ----a-r 1,172,240 2007-09-19 18:40:11 C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ----a-w 124,928 2007-06-27 14:34:51 C:\WINDOWS\system32\advpack.dll ----a-w 214,528 2006-10-17 18:57:50 C:\WINDOWS\system32\dxtrans.dll ----a-w 132,608 2007-06-27 14:34:51 C:\WINDOWS\system32\extmgr.dll ------w 61,952 2006-10-17 18:58:20 C:\WINDOWS\system32\icardie.dll ----a-w 63,488 2007-06-27 08:27:04 C:\WINDOWS\system32\ie4uinit.exe ----a-w 153,088 2007-06-27 14:34:51 C:\WINDOWS\system32\ieakeng.dll ----a-w 230,400 2007-06-27 14:34:51 C:\WINDOWS\system32\ieaksie.dll ----a-w 161,792 2007-06-27 07:00:33 C:\WINDOWS\system32\ieakui.dll ----a-w 383,488 2007-06-27 14:34:51 C:\WINDOWS\system32\ieapfltr.dll ----a-w 384,512 2007-06-27 14:34:51 C:\WINDOWS\system32\iedkcs32.dll ----a-w 6,058,496 2007-06-27 14:34:55 C:\WINDOWS\system32\ieframe.dll ----a-w 44,544 2007-06-27 14:34:55 C:\WINDOWS\system32\iernonce.dll ----a-w 267,776 2007-06-27 14:34:55 C:\WINDOWS\system32\iertutil.dll ----a-w 13,824 2007-06-27 08:27:05 C:\WINDOWS\system32\ieudinit.exe ----a-w 27,648 2007-06-27 14:34:56 C:\WINDOWS\system32\jsproxy.dll ----a-w 17,474,680 2007-09-06 02:50:42 C:\WINDOWS\system32\MRT.exe ----a-w 459,264 2007-06-27 14:34:56 C:\WINDOWS\system32\msfeeds.dll ----a-w 52,224 2007-06-27 14:34:56 C:\WINDOWS\system32\msfeedsbs.dll ----a-w 3,856,384 2007-07-19 06:59:59 C:\WINDOWS\system32\mshtml.dll ------w 477,696 2007-06-27 14:34:57 C:\WINDOWS\system32\mshtmled.dll ----a-w 193,024 2007-06-27 14:34:58 C:\WINDOWS\system32\msrating.dll ----a-w 671,232 2007-06-27 14:34:58 C:\WINDOWS\system32\mstime.dll ----a-w 163,840 2007-06-27 14:34:58 C:\WINDOWS\system32\occache.dll ----a-w 581,120 2004-08-04 07:56:46 C:\WINDOWS\system32\rpcrt4.dll ----a-w 624,784 2007-01-10 17:47:38 C:\WINDOWS\system32\SymNeti.dll ----a-w 242,320 2007-01-10 17:47:38 C:\WINDOWS\system32\SymRedir.dll ----a-w 62,464 2007-06-27 14:34:58 C:\WINDOWS\system32\url.dll ----a-w 1,225,728 2007-06-27 14:34:58 C:\WINDOWS\system32\urlmon.dll ----a-w 393,728 2007-06-27 14:34:59 C:\WINDOWS\system32\webcheck.dll ----a-w 814,592 2007-06-27 14:34:59 C:\WINDOWS\system32\wininet.dll ----a-w 115,200 2007-03-09 10:02:31 C:\WINDOWS\system32\xpsp3res.dll ----a-w 16,384 2007-10-08 01:07:11 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat ----a-w 32,768 2007-10-08 01:07:11 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat ----a-w 32,768 2007-10-08 01:07:11 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat -c----w 124,928 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\advpack.dll -c----w 214,528 2006-10-17 18:57:50 C:\WINDOWS\system32\dllcache\dxtrans.dll -c----w 132,608 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\extmgr.dll -c----w 63,488 2007-06-27 08:27:04 C:\WINDOWS\system32\dllcache\ie4uinit.exe -c----w 153,088 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\ieakeng.dll -c----w 230,400 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\ieaksie.dll -c--a-w 161,792 2007-06-27 07:00:33 C:\WINDOWS\system32\dllcache\ieakui.dll -c----w 383,488 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\ieapfltr.dll -c----w 384,512 2007-06-27 14:34:51 C:\WINDOWS\system32\dllcache\iedkcs32.dll -c----w 6,058,496 2007-06-27 14:34:55 C:\WINDOWS\system32\dllcache\ieframe.dll -c----w 44,544 2007-06-27 14:34:55 C:\WINDOWS\system32\dllcache\iernonce.dll -c----w 267,776 2007-06-27 14:34:55 C:\WINDOWS\system32\dllcache\iertutil.dll -c----w 13,824 2007-06-27 08:27:05 C:\WINDOWS\system32\dllcache\ieudinit.exe -c--a-w 625,152 2007-06-27 08:27:30 C:\WINDOWS\system32\dllcache\iexplore.exe -c----w 683,520 2007-05-16 15:12:02 C:\WINDOWS\system32\dllcache\inetcomm.dll -c----w 27,648 2007-06-27 14:34:56 C:\WINDOWS\system32\dllcache\jsproxy.dll -c----w 459,264 2007-06-27 14:34:56 C:\WINDOWS\system32\dllcache\msfeeds.dll -c----w 52,224 2007-06-27 14:34:56 C:\WINDOWS\system32\dllcache\msfeedsbs.dll -c----w 3,583,488 2007-07-19 06:59:59 C:\WINDOWS\system32\dllcache\mshtml.dll -c----w 477,696 2007-06-27 14:34:57 C:\WINDOWS\system32\dllcache\mshtmled.dll -c----w 193,024 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\msrating.dll -c----w 671,232 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\mstime.dll -c--a-w 102,400 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\occache.dll -c----w 105,984 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\url.dll -c----w 1,152,000 2007-06-27 14:34:58 C:\WINDOWS\system32\dllcache\urlmon.dll -c----w 232,960 2007-06-27 14:34:59 C:\WINDOWS\system32\dllcache\webcheck.dll -c----w 823,808 2007-06-27 14:34:59 C:\WINDOWS\system32\dllcache\wininet.dll ----a-w 12,984 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symdns.sys ----a-w 145,976 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symfw.sys ----a-w 40,120 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symids.sys ----a-w 35,256 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symndis.sys ----a-w 38,200 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symndisv.sys ----a-w 27,576 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symredrv.sys ----a-w 191,544 2007-01-10 13:32:14 C:\WINDOWS\system32\drivers\symtdi.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2005-03-08 02:33 C:\WINDOWS\system32\VTTimer.exe] "VTTrayp"="VTtrayp.exe" [2005-03-11 16:33 C:\WINDOWS\system32\VTTrayp.exe] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 15:22 C:\WINDOWS\soundman.exe] "cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [] "capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [] "cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 15:15] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 15:15] "SMSERIAL"="sm56hlpr.exe" [] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11] "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-09-03 09:04] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-09-06 03:22] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 12:22] "ViStart"="C:\Program Files\ViStart\ViStart.exe" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t C:\Documents and Settings\randy\Start Menu\Programs\Startup\ Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-06-27 18:56:26] OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "NoDispBackgroundPage"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"=0 (0x0) "NoPropertiesMyComputer"=0 (0x0) "NoFileAssociate"=0 (0x0) "NoSMHelp"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoRecentDocsHistory"=0 (0x0) "NoTrayItemsDisplay"=0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW] UmxWnp.Dll 2007-01-31 13:00 79368 C:\WINDOWS\system32\UmxWNP.dll R0 KmxStart;KmxStart;C:\WINDOWS\system32\DRIVERS\kmxstart.sys R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys R1 BIOS;BIOS;\??\C:\WINDOWS\System32\drivers\BIOS.sys R1 KmxAgent;KmxAgent;C:\WINDOWS\system32\DRIVERS\kmxagent.sys R1 KmxFile;KmxFile;C:\WINDOWS\system32\DRIVERS\KmxFile.sys R1 KmxFw;KmxFw;C:\WINDOWS\system32\DRIVERS\kmxfw.sys R2 KmxCF;KmxCF;C:\WINDOWS\system32\DRIVERS\KmxCF.sys R2 KmxSbx;KmxSbx;C:\WINDOWS\system32\DRIVERS\KmxSbx.sys R2 UmxAgent;HIPS Event Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe" R2 UmxCfg;HIPS Configuration Interpreter;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe" R2 UmxPol;HIPS Policy Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe" R3 KmxCfg;KmxCfg;C:\WINDOWS\system32\DRIVERS\kmxcfg.sys S3 BDSelfPr;BDSelfPr;\??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys S3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx scan [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] AutoRun\command - F:\CDStart.Exe Install\Command - F:\Stub.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76ee0c80-657a-11dc-be68-00192167bb26}] Auto\command - sxs.exe AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sxs.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cc795e4-357f-11dc-bdbb-00192167bb26}] AutoRun\command - F:\LaunchU3.exe -a Newly Created Service - COMHOST Newly Created Service - ERASERUTILREBOOTDRV [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{21DB17A7-9EB9-0768-D9C5-22A71AD280F1}] C:\WINDOWS\system32:svchost.exe . Contents of the 'Scheduled Tasks' folder "2007-09-14 21:08:39 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-10-12 09:36:59 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - randy.job" - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe "2007-08-28 07:37:11 C:\WINDOWS\Tasks\rpc.job" - C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe . ************************************************************************ catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-12 02:26:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... C:\WINDOWS\system32:svchost.exe 20480 bytes executable scan completed successfully hidden files: 1 ************************************************************************ . Completion time: 2007-10-12 2:29:48 C:\ComboFix-quarantined-files.txt ... 2007-10-12 02:29 C:\ComboFix2.txt ... 2007-10-10 09:34 C:\ComboFix3.txt ... 2007-10-08 12:25 . --- E O F --- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:04:29 AM, on 10/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Protexis\License Service\PSIService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file) O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 11020 bytes