ComboFix
ComboFix 09-07-01.04 - Philip 07/02/2009 8:09.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3006.2267 [GMT -4:00]
Running from: c:\users\Philip\Desktop\bru1.exe
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
c:\program files\INSTALL.LOG
c:\users\Philip\AppData\Roaming\inst.exe
c:\windows\1015t9iez2523.dll
c:\windows\10952v5rzs91.ocx
c:\windows\109db5ckdo9rz679.ocx
c:\windows\10z569p566e.cpl
c:\windows\11287not-a-v9rzs6d5.cpl
c:\windows\11338hazktool79c5.bin
c:\windows\114z5hackto95623.bin
c:\windows\11889spam5ot3zf.dll
c:\windows\1196notza9v5rus273.exe
c:\windows\12794zot-a-95rus72d.cpl
c:\windows\128975zrm59a.ocx
c:\windows\131389o5m578z.dll
c:\windows\1348tro5497z.exe
c:\windows\13494not-a-5irus2dz.ocx
c:\windows\13509virzs393.ocx
c:\windows\14549virus1fz9.dll
c:\windows\14845pa9bzt269.cpl
c:\windows\14855hacktzol692.ocx
c:\windows\1491495zjdd.cpl
c:\windows\14a3down5oadez5609.exe
c:\windows\1512zworm599.ocx
c:\windows\1556s9az5ot5b0.cpl
c:\windows\157625acktoo9zde.ocx
c:\windows\15805z95ktool86.bin
c:\windows\1588hacktozl593.dll
c:\windows\16293virus975z.exe
c:\windows\165z9spy635.cpl
c:\windows\168b9hrezt25943.ocx
c:\windows\1692zorm1b5.bin
c:\windows\16935z5y122.bin
c:\windows\16964wor9z55.dll
c:\windows\17173zp96215.cpl
c:\windows\1718znot-5-9irus501.cpl
c:\windows\17213viru5191z.cpl
c:\windows\17491not-a-5irus6f4z.ocx
c:\windows\183165zt-a-9irus266.bin
c:\windows\18791spa5botzb9.exe
c:\windows\18794spazbot695.dll
c:\windows\18835virzs590.bin
c:\windows\18c9zdd5are80.bin
c:\windows\19021virus35z.dll
c:\windows\19090h5cztool58d.exe
c:\windows\19175troz398.exe
c:\windows\19228troz2e55.ocx
c:\windows\19395zpambot5a9.dll
c:\windows\1941addwa5e23z9.exe
c:\windows\19452v5ruz592.bin
c:\windows\1955addwarez285.dll
c:\windows\19653spz3dc5.exe
c:\windows\1966s59al162z.cpl
c:\windows\19795hacktoolz10.exe
c:\windows\199095ormz10.cpl
c:\windows\19z35troj71f.cpl
c:\windows\1az5t5ief20589.ocx
c:\windows\1b3as9ea5z398.ocx
c:\windows\1dazb5ckdoor25229.cpl
c:\windows\1ec5threat14792z.exe
c:\windows\1z957w9rm152.dll
c:\windows\215z1tr9j2085.cpl
c:\windows\2175z9r1357.dll
c:\windows\22112s5ambot51z9.ocx
c:\windows\22187spzmbo5994.ocx
c:\windows\2299z5irus249.bin
c:\windows\22c9zparse2151.cpl
c:\windows\23299not5a-virusz67.exe
c:\windows\237baddwz9e5475.ocx
c:\windows\2396spambotza5.exe
c:\windows\23b3adzwar9593.cpl
c:\windows\24918wo5mz97.dll
c:\windows\2525zsp5mbot799.bin
c:\windows\256z2v9rus67e.cpl
c:\windows\25744vir9s11z.bin
c:\windows\25817not-9-viru53c1z.exe
c:\windows\258baddwar51z94.dll
c:\windows\25938spyz6b.ocx
c:\windows\25959worm59z.exe
c:\windows\25b2stealz095.exe
c:\windows\25c4spar9z5241.exe
c:\windows\25fbspy9arz1753.dll
c:\windows\25z9downloade92782.exe
c:\windows\2609spars5284z.dll
c:\windows\26549tzoj1b35.dll
c:\windows\268515pam9oz12c.ocx
c:\windows\26eab5c9dooz1278.ocx
c:\windows\28051z9oj5d7.ocx
c:\windows\28105z5r9e.ocx
c:\windows\28153worm59z.dll
c:\windows\28298not5az9irus315.exe
c:\windows\28954troj5zb.dll
c:\windows\28995wor96z3.cpl
c:\windows\28azsp95se1976.cpl
c:\windows\28fdz9wnloader525.exe
c:\windows\29175ir1935z.exe
c:\windows\29314w5rz65.cpl
c:\windows\29361spamzot365.dll
c:\windows\2936h5cktzol719.dll
c:\windows\29374w9zm2e35.exe
c:\windows\29475not-a5virus5z3.exe
c:\windows\29525tz5j544.dll
c:\windows\2986spars52436z.bin
c:\windows\2997zvirus5c.bin
c:\windows\29c8virz7475.ocx
c:\windows\29z25spy299.bin
c:\windows\2babdownzo9d5r3139.bin
c:\windows\2bf5zddware7469.cpl
c:\windows\2c19zp5rse418.cpl
c:\windows\2c5baczdoor592.dll
c:\windows\2c5z9teal265.ocx
c:\windows\2d95azdw5re2233.ocx
c:\windows\2ezdthief9315.cpl
c:\windows\2f9fvz918555.exe
c:\windows\2z4519ac5tool454.exe
c:\windows\2z475s5ambot99.cpl
c:\windows\2z7405pambot69d.ocx
c:\windows\2z939pywa5e2583.cpl
c:\windows\2z966tr5j54.ocx
c:\windows\2zc2add5are529.cpl
c:\windows\30537s9zmb5t4ee.ocx
c:\windows\3055t9zj2f2.exe
c:\windows\309cbackdo5r1480z.dll
c:\windows\315195orm60z9.dll
c:\windows\3234spyzar51989.exe
c:\windows\3243zv5rus5889.exe
c:\windows\32469not-a-vzrus54b.dll
c:\windows\32532noz-a-9i5us3f2.exe
c:\windows\32d5downloade5z0829.cpl
c:\windows\3452threzt23957.ocx
c:\windows\348eth59zt29524.bin
c:\windows\3495w5rm4fdz.ocx
c:\windows\349cbaz5doo9268.cpl
c:\windows\353z2troj7f69.exe
c:\windows\354ab5ckdozr2297.bin
c:\windows\35552troj57z9.ocx
c:\windows\35e79zwnloader2500.cpl
c:\windows\35e9stez52794.bin
c:\windows\35z1sp9rse2205.dll
c:\windows\35z8threa913393.bin
c:\windows\369ethr5atz4864.ocx
c:\windows\3913sp5rsz2397.ocx
c:\windows\39505szy4fa.exe
c:\windows\39z4t9r5at28725.bin
c:\windows\39zbs9ea5310.ocx
c:\windows\3a1fbaczdoo52669.dll
c:\windows\3b889ackzoor3566.exe
c:\windows\3c8zspyw5re296.bin
c:\windows\3ca7spywa959z4.dll
c:\windows\3e5ethief1z829.dll
c:\windows\3ed9ste5l1594z.dll
c:\windows\3f529parse426z.exe
c:\windows\3f81thr95z15305.cpl
c:\windows\3z58spy9a5e628.exe
c:\windows\40d8downloade9z0335.exe
c:\windows\425a5hiez3901.cpl
c:\windows\4295p9rze37.ocx
c:\windows\42abvirz959.cpl
c:\windows\42fdth9e5t3z77.bin
c:\windows\4305spywzre1991.exe
c:\windows\434fdown9oader15z9.ocx
c:\windows\4490spy2e5z.exe
c:\windows\454espazse940.cpl
c:\windows\457t9oj52z.dll
c:\windows\458z9ir25995.cpl
c:\windows\45fbaddz9re669.exe
c:\windows\460cbackd5or1z98.dll
c:\windows\4689viz9540f.exe
c:\windows\46925ackzoor2617.bin
c:\windows\495cthizf18895.dll
c:\windows\497z5teal2587.dll
c:\windows\498zspyware135.cpl
c:\windows\4a08d9wnload5r32z0.bin
c:\windows\4b59stezl1985.ocx
c:\windows\4b95threat11856z.cpl
c:\windows\4e70baczdo5r1291.exe
c:\windows\4ea4t5iz92354.cpl
c:\windows\4f96zhief2155.bin
c:\windows\4z0495y4e5.ocx
c:\windows\4z4bthi592665.ocx
c:\windows\4ze5vir1998.ocx
c:\windows\502z1s9y428.dll
c:\windows\50598hack9ool4bz.bin
c:\windows\50f8backd5or9z56.dll
c:\windows\50z1downloa9er675.bin
c:\windows\5113t95ez2556.bin
c:\windows\51198virzs7a7.ocx
c:\windows\518zst9a52722.ocx
c:\windows\5190backdoor280z.cpl
c:\windows\51d9parse859z.exe
c:\windows\5253wo9m4d5z.ocx
c:\windows\5256threa53z8479.bin
c:\windows\5272threzt54097.cpl
c:\windows\5281downloader992z.cpl
c:\windows\529vzr5479.cpl
c:\windows\52aathre5t2346z9.ocx
c:\windows\52c5stezl1930.ocx
c:\windows\5317spy59cz.dll
c:\windows\5358hacktool29z.bin
c:\windows\53addow9loaze5872.ocx
c:\windows\5415z95us1da.exe
c:\windows\54673troj7z9.ocx
c:\windows\54c2thi5f2939z.ocx
c:\windows\54e6thie5298z.exe
c:\windows\5557not-9-virus3z7.exe
c:\windows\555b9pywaze2905.bin
c:\windows\5560steal30z19.cpl
c:\windows\55fthief9296z.bin
c:\windows\5705dzwnloade9391.dll
c:\windows\58dbthzeat29196.exe
c:\windows\58fcba9kdzor1235.dll
c:\windows\59096spa9botz5.dll
c:\windows\590dsparse30z0.bin
c:\windows\59382viruz995.bin
c:\windows\5944zackdo5r608.ocx
c:\windows\597btzreat5558.bin
c:\windows\5ad8vir95z9.exe
c:\windows\5az09hief2770.ocx
c:\windows\5b5spar9e517z.cpl
c:\windows\5c00szeal9165.ocx
c:\windows\5c9cdownloa5ez2155.cpl
c:\windows\5cd9thr95t1377z.exe
c:\windows\5d4bdowzlo9der1151.exe
c:\windows\5d86steal294z.cpl
c:\windows\5e5eazdware9205.cpl
c:\windows\5e96spyware5z95.ocx
c:\windows\5e99i51240z.bin
c:\windows\5ed1spars911z1.dll
c:\windows\5f5cthief2892z.cpl
c:\windows\5fcczi91768.dll
c:\windows\5z139ir2388.cpl
c:\windows\5zf29i5353.dll
c:\windows\5zf3v5r2599.cpl
c:\windows\61bzste9l1095.dll
c:\windows\62cfbaz9door155.exe
c:\windows\636ca9dwzre5265.exe
c:\windows\63c9backdzor2594.dll
c:\windows\63z8th9eat21058.bin
c:\windows\641195y36cz.cpl
c:\windows\644bthief2956z.ocx
c:\windows\651d9ownloa5er15z.cpl
c:\windows\66a69ze5l2937.bin
c:\windows\6802zackdoo96605.exe
c:\windows\685zt5re9t8968.cpl
c:\windows\688fzdd9are2555.ocx
c:\windows\689thrzat26655.dll
c:\windows\68d2t5i9f1z90.exe
c:\windows\690cthrzat20615.ocx
c:\windows\6912do5n9oaderz688.ocx
c:\windows\6924dow95zader867.dll
c:\windows\6959downloader10z0.dll
c:\windows\6965viz457.dll
c:\windows\69d0spazse58189.ocx
c:\windows\6b10ad9w5re1184z.dll
c:\windows\6c07t5rzat3960.ocx
c:\windows\6c5czpy9are1125.dll
c:\windows\6f5bvi9z550.cpl
c:\windows\6f5ebackd9or1917z.exe
c:\windows\6z0spy9are5945.exe
c:\windows\6z53thre9t8576.bin
c:\windows\71b5spywar51799z.exe
c:\windows\71d3a9dware2953z.exe
c:\windows\738cs5ar9e253z.bin
c:\windows\73fdsp5rsz979.cpl
c:\windows\7418not-a-viru95z35.bin
c:\windows\74229iru5z8f.exe
c:\windows\7454t9oj14fz.bin
c:\windows\7499troz695.cpl
c:\windows\7529baczdoor9786.exe
c:\windows\753downloadzr13659.dll
c:\windows\7550steal259z.exe
c:\windows\755zth95at22335.ocx
c:\windows\75b5zown5o9der2217.bin
c:\windows\75d59ddware2869z.cpl
c:\windows\76b1t5iez3109.cpl
c:\windows\7738h59ktool5z4.dll
c:\windows\7748back5zo92745.ocx
c:\windows\77zsparse30795.exe
c:\windows\782thre5z291049.ocx
c:\windows\78849ackd5oz1861.exe
c:\windows\7909d5wnloaderz26.cpl
c:\windows\797addza5e9456.dll
c:\windows\7a41vir2952z.dll
c:\windows\7a92addware527z.dll
c:\windows\7a95spyware67z.bin
c:\windows\7c1bbac5doorz95.dll
c:\windows\7cf89o5nloaderz519.dll
c:\windows\7f8ab5ckdozr14839.exe
c:\windows\8097sp5z93.ocx
c:\windows\89559pambot5f4z.ocx
c:\windows\91452zi5us305.cpl
c:\windows\9159zvirus5c8.bin
c:\windows\915z5py509.cpl
c:\windows\9178n5t-z-virus556.bin
c:\windows\91z52virus5b9.dll
c:\windows\92141v5rus62z.exe
c:\windows\925305orm5adz.exe
c:\windows\92614spambotz5.dll
c:\windows\93358zpambot4bb.cpl
c:\windows\93855hzcktool564.bin
c:\windows\95230worz7c.exe
c:\windows\95359viruszdd.bin
c:\windows\9538spyware1z8.ocx
c:\windows\95458spambot5z5.ocx
c:\windows\9559notza-viru954f.cpl
c:\windows\960bspzrse1851.bin
c:\windows\9680n5t-z-virus333.bin
c:\windows\96a2stez51124.dll
c:\windows\97065roje5z.bin
c:\windows\97c8zow5loader2780.cpl
c:\windows\97z215pambotd8.dll
c:\windows\9805t5zj901.cpl
c:\windows\9838hzckt5ol796.ocx
c:\windows\9952thr5zt15404.exe
c:\windows\9970w5rm3e0z.ocx
c:\windows\99z2tro5339.dll
c:\windows\9cf3d5wnlzader1449.exe
c:\windows\9d38s5eal14z7.bin
c:\windows\9e3z5parse3063.exe
c:\windows\9ea65teal1899z.bin
c:\windows\9f2dv5rz56.ocx
c:\windows\9z04ha5ktool29a9.exe
c:\windows\9z59troj658.dll
c:\windows\9z825orm529.exe
c:\windows\9z8ha5ktool929.dll
c:\windows\a49zown95ader380.ocx
c:\windows\b20do9nzoa5er1805.exe
c:\windows\b4595dwarz2315.exe
c:\windows\bzbs5arse9057.bin
c:\windows\c8cth9eat570z5.cpl
c:\windows\f6addwaze1095.cpl
c:\windows\f98spzwa9e546.dll
c:\windows\Installer\26cb6df.msi
c:\windows\Installer\63c9d.msi
c:\windows\Installer\6daebe.msi
c:\windows\system32\10489w5rm2z4.ocx
c:\windows\system32\11090szy3095.exe
c:\windows\system32\11z69virus52.exe
c:\windows\system32\12052hack9oo52ez.bin
c:\windows\system32\123959pambot648z.bin
c:\windows\system32\12559sz9504.dll
c:\windows\system32\1296zwo9m5d8.ocx
c:\windows\system32\13910z5rm1239.cpl
c:\windows\system32\1398z9d5are559.dll
c:\windows\system32\139955zy396.cpl
c:\windows\system32\14222no5-a-vzr9s674.exe
c:\windows\system32\14305trojz29.dll
c:\windows\system32\14915sz5m9ot457.ocx
c:\windows\system32\14916zpambot75f.cpl
c:\windows\system32\14z05tro915e.cpl
c:\windows\system32\15060z9oj3f5.cpl
c:\windows\system32\15155zirus910.ocx
c:\windows\system32\1515zworm694.cpl
c:\windows\system32\15590spz58e.bin
c:\windows\system32\1565szy379.exe
c:\windows\system32\156z8virus54b9.bin
c:\windows\system32\15b5downloader29z5.dll
c:\windows\system32\15bfdowz5oa9er625.ocx
c:\windows\system32\15dbv9z3159.dll
c:\windows\system32\15f5szyw9re1418.dll
c:\windows\system32\15zback5oo92653.exe
c:\windows\system32\160ztro5119.exe
c:\windows\system32\16382zr5j7a19.bin
c:\windows\system32\16464not9a5vizus307.dll
c:\windows\system32\1647noz-a-5irus6b39.exe
c:\windows\system32\1659zh9c5tool12e.exe
c:\windows\system32\16889o5za-virus1f3.ocx
c:\windows\system32\16955noz-a-vir5s1b99.cpl
c:\windows\system32\16z55sp9c5.exe
c:\windows\system32\17080not9a5vzrus21c.bin
c:\windows\system32\17389h5zf616.cpl
c:\windows\system32\188z5spambot91c.cpl
c:\windows\system32\18c9back5oor3z5.cpl
c:\windows\system32\19379sz95f9.ocx
c:\windows\system32\193hac5toolz9b.cpl
c:\windows\system32\19554troj7ccz.ocx
c:\windows\system32\19561vzru51.cpl
c:\windows\system32\19561zpy45.ocx
c:\windows\system32\195fthreatz1790.cpl
c:\windows\system32\195z3not5a-vir9s4ad.dll
c:\windows\system32\196z4not-a-vi5us764.bin
c:\windows\system32\19701s5a9bzt3c.bin
c:\windows\system32\19815spamb9t3dz.cpl
c:\windows\system32\19955spambotf2z.bin
c:\windows\system32\19a05ac9door28z5.exe
c:\windows\system32\19bbb5ckdozr3172.cpl
c:\windows\system32\19cz5hief895.cpl
c:\windows\system32\19w5zm905.cpl
c:\windows\system32\1a71dow9loazer5728.dll
c:\windows\system32\1e79bzckdo5r2938.exe
c:\windows\system32\1e9z5hie93138.ocx
c:\windows\system32\1ef5downlzader1988.cpl
c:\windows\system32\1z094t59j5d6.bin
c:\windows\system32\1z52bac9do5r561.ocx
c:\windows\system32\1z79addwar51190.exe
c:\windows\system32\1z865h9cktool302.dll
c:\windows\system32\206z9vir5s409.ocx
c:\windows\system32\2082ztr9592.cpl
c:\windows\system32\211559ackzoolf5.dll
c:\windows\system32\21215not-a-vizus298.cpl
c:\windows\system32\21449vi5uz295.exe
c:\windows\system32\21490s5amboz94.exe
c:\windows\system32\21557hzckt9ol5a4.dll
c:\windows\system32\21659rzj5b2.exe
c:\windows\system32\222z2virus259.exe
c:\windows\system32\22909vi9us15z.bin
c:\windows\system32\23469ha5ktool9ez.dll
c:\windows\system32\23592n9t-a-virus3z2.cpl
c:\windows\system32\23855z95m305.cpl
c:\windows\system32\23923hack5ozl51b.dll
c:\windows\system32\249viru9zb05.dll
c:\windows\system32\24a55ddzare19699.cpl
c:\windows\system32\25078notza-virus953.bin
c:\windows\system32\25199zo59a-virus94.bin
c:\windows\system32\251cth9eat2774z.dll
c:\windows\system32\252955py47z.bin
c:\windows\system32\25438tro5zc9.bin
c:\windows\system32\254469p56za.exe
c:\windows\system32\25504zr5j58b9.ocx
c:\windows\system32\25959not-a-virusz44.bin
c:\windows\system32\25d5th9eat35z2.dll
c:\windows\system32\25f8backdoo952z.cpl
c:\windows\system32\261149ackz5ol4e2.exe
c:\windows\system32\261ct9i5f3115z.dll
c:\windows\system32\2628zvir9s153.bin
c:\windows\system32\2634za9ktoo566d.cpl
c:\windows\system32\26573trojz9f.ocx
c:\windows\system32\26991tr59599z.bin
c:\windows\system32\269vi9us5z1.dll
c:\windows\system32\26z45spambot992.bin
c:\windows\system32\2725spambot7z9.cpl
c:\windows\system32\2745zviru974c.exe
c:\windows\system32\27562spamzo5659.bin
c:\windows\system32\27895trojz4.ocx
c:\windows\system32\2792459ojz03.cpl
c:\windows\system32\27z585r9j18a.exe
c:\windows\system32\281435p9z5.exe
c:\windows\system32\28274not-z-9irus5e.exe
c:\windows\system32\28462vi59z507.cpl
c:\windows\system32\28908wormz6b5.cpl
c:\windows\system32\28z99wo5m66.cpl
c:\windows\system32\29775tr9jz6d.dll
c:\windows\system32\299999roj35fz.dll
c:\windows\system32\2a52vi95z1.exe
c:\windows\system32\2c95sp59se1674z.bin
c:\windows\system32\2dzes9ea51108.exe
c:\windows\system32\2e58zpywar91962.bin
c:\windows\system32\2e92threat15099z.bin
c:\windows\system32\2e9e5tzal31339.cpl
c:\windows\system32\2ec3st5az16699.ocx
c:\windows\system32\2z56hacktool22f9.bin
c:\windows\system32\300eaddwa9ez153.exe
c:\windows\system32\30158virusz99.ocx
c:\windows\system32\3089z5orm3f6.cpl
c:\windows\system32\31028h5cztoo946f.ocx
c:\windows\system32\31094hacz5ool16b.dll
c:\windows\system32\31518not-a-vzrus295.cpl
c:\windows\system32\31538z95j5ca.ocx
c:\windows\system32\3159noz-a-vi5us64f.ocx
c:\windows\system32\3217addwzre2965.ocx
c:\windows\system32\32555wozm289.bin
c:\windows\system32\32571szy279.cpl
c:\windows\system32\32692zo5m1709.bin
c:\windows\system32\32e5addw5ze9149.cpl
c:\windows\system32\3340z5r1292.dll
c:\windows\system32\3559tzief147.cpl
c:\windows\system32\3599thief85z.cpl
c:\windows\system32\35z12s9y6f3.ocx
c:\windows\system32\371bthreaz156985.cpl
c:\windows\system32\3845not-az9irus11f.ocx
c:\windows\system32\385stzal2597.dll
c:\windows\system32\38b9do59loazer1243.exe
c:\windows\system32\38zcste5l22349.exe
c:\windows\system32\39076hazktool5075.dll
c:\windows\system32\39291tzoj5d1.exe
c:\windows\system32\393s5a9botz4a.dll
c:\windows\system32\397asparze1258.cpl
c:\windows\system32\39919pywar5z806.bin
c:\windows\system32\3a17spz5se2966.cpl
c:\windows\system32\3a84addwar539z5.exe
c:\windows\system32\3a95zackdo9r2575.dll
c:\windows\system32\3afzteal8395.ocx
c:\windows\system32\3c9baczdo9r17645.dll
c:\windows\system32\3e559pzrse1684.cpl
c:\windows\system32\3f90adzware2185.ocx
c:\windows\system32\3z2bdo5nloader3259.bin
c:\windows\system32\3zd295reat9728.dll
c:\windows\system32\400a5dzare13979.dll
c:\windows\system32\400ddzw9lo5der2673.bin
c:\windows\system32\4015thre9t8688z.ocx
c:\windows\system32\404Fix.exe
c:\windows\system32\41c2spaz9e8145.exe
c:\windows\system32\42d4threz526419.bin
c:\windows\system32\439faddwzre5239.cpl
c:\windows\system32\44a8down9ozder2345.cpl
c:\windows\system32\45bf9pyware255z.cpl
c:\windows\system32\45z8sp9w5re1718.bin
c:\windows\system32\46c5threa915z18.cpl
c:\windows\system32\46d4t5reat2594z.cpl
c:\windows\system32\486fad59arez657.bin
c:\windows\system32\48z5t59eat24976.ocx
c:\windows\system32\494fstez52755.cpl
c:\windows\system32\499cs5arse2z53.ocx
c:\windows\system32\4ddo5nloaderz49.ocx
c:\windows\system32\4f81backdozr59489.dll
c:\windows\system32\4z52hackto5l12c9.dll
c:\windows\system32\4z8dvir9595.bin
c:\windows\system32\4z905ir415.bin
c:\windows\system32\502fs9eal32z3.dll
c:\windows\system32\506159rojzae.cpl
c:\windows\system32\50zaadd9are205.dll
c:\windows\system32\510bth5ea916z2.dll
c:\windows\system32\512sze5l599.dll
c:\windows\system32\515z8spambot1ec9.exe
c:\windows\system32\51c95teal23z69.bin
c:\windows\system32\521z9spam9ot3e3.dll
c:\windows\system32\5225st59lz692.bin
c:\windows\system32\5255worz6119.exe
c:\windows\system32\52edzh9e5t30959.ocx
c:\windows\system32\531089ozm19.exe
c:\windows\system32\53345hie9142z.bin
c:\windows\system32\540fsparze3932.cpl
c:\windows\system32\542z1spambo961f.dll
c:\windows\system32\54403not-a-vz9us1d0.dll
c:\windows\system32\55495hreaz12257.ocx
c:\windows\system32\5561worz9eb5.ocx
c:\windows\system32\55729iruz68f5.ocx
c:\windows\system32\55b9zddware1718.bin
c:\windows\system32\55c9tzreat8209.exe
c:\windows\system32\55dst9al44z.bin
c:\windows\system32\5629vir5z1.exe
c:\windows\system32\56459ir139z.ocx
c:\windows\system32\5653thre9t589z9.exe
c:\windows\system32\5660z5ambo96dd.cpl
c:\windows\system32\5679downzoade53190.exe
c:\windows\system32\56z65hre9t24649.bin
c:\windows\system32\570noz-a-virus3259.ocx
c:\windows\system32\570z9vi9us757.dll
c:\windows\system32\574fsteal299z.ocx
c:\windows\system32\57605teal449z.exe
c:\windows\system32\589espaz5e1357.bin
c:\windows\system32\58z43spy95d.dll
c:\windows\system32\58z9spy198.dll
c:\windows\system32\5928ztroj52f.cpl
c:\windows\system32\5935vir99z.exe
c:\windows\system32\5937ztroj536.cpl
c:\windows\system32\5945addwarez976.bin
c:\windows\system32\5953stezl8515.dll
c:\windows\system32\5955zworm267.cpl
c:\windows\system32\5977vzr195.dll
c:\windows\system32\5995thi9f42z5.ocx
c:\windows\system32\59a6szywar5755.exe
c:\windows\system32\59a8st5alz295.ocx
c:\windows\system32\59d4s9eal28z9.dll
c:\windows\system32\59dthief3096z.cpl
c:\windows\system32\59f0thiez2104.cpl
c:\windows\system32\59z59parse265.exe
c:\windows\system32\5a69addw5re11z0.exe
c:\windows\system32\5a6zsteal975.dll
c:\windows\system32\5ab4za9kdoor185.bin
c:\windows\system32\5az5v5r995.exe
c:\windows\system32\5c5fthreat1z598.ocx
c:\windows\system32\5c93thiez25535.cpl
c:\windows\system32\5d1dspz5are901.cpl
c:\windows\system32\5e94steal262z5.dll
c:\windows\system32\5e9zdow5lo9der1029.dll
c:\windows\system32\5f21spar5e2z59.bin
c:\windows\system32\5f4z59reat495.cpl
c:\windows\system32\5z407tro9511.exe
c:\windows\system32\5z545h9eat18402.cpl
c:\windows\system32\5z5fs9yware2390.ocx
c:\windows\system32\5z75th9ef9995.bin
c:\windows\system32\6030tr9j4z5.dll
c:\windows\system32\60519zoj56e.ocx
c:\windows\system32\6059a9zwa5e1872.dll
c:\windows\system32\6137spyware5z819.cpl
c:\windows\system32\6242threzt99546.ocx
c:\windows\system32\6397baczdo5r2610.ocx
c:\windows\system32\639avir547z9.bin
c:\windows\system32\6474thzef25509.bin
c:\windows\system32\64z2steal9515.dll
c:\windows\system32\654zwo9m56.bin
c:\windows\system32\658bthizf1790.ocx
c:\windows\system32\681cste9511z6.ocx
c:\windows\system32\683fspyw5re2z09.bin
c:\windows\system32\6899w9zm5a7.cpl
c:\windows\system32\6az0vi5792.cpl
c:\windows\system32\6d0595rz847.exe
c:\windows\system32\6e59s9eaz221.exe
c:\windows\system32\6ef85d9ware241z.exe
c:\windows\system32\6fdthrea959927z.cpl
c:\windows\system32\6z56t5oj390.bin
c:\windows\system32\6z6595yware2742.ocx
c:\windows\system32\706e9ack5ozr770.ocx
c:\windows\system32\70zsp556e9.cpl
c:\windows\system32\7149zpy20e5.exe
c:\windows\system32\71579acztool129.ocx
c:\windows\system32\715z9ownloade52153.exe
c:\windows\system32\7168hackto9l55z.exe
c:\windows\system32\71z5t9ief2991.exe
c:\windows\system32\7295backdozr13159.dll
c:\windows\system32\7395szar5e954.cpl
c:\windows\system32\739zste5l3175.cpl
c:\windows\system32\75asteal1z999.cpl
c:\windows\system32\75z5vir965.dll
c:\windows\system32\7625steaz26539.dll
c:\windows\system32\76dfad59zre747.exe
c:\windows\system32\76zcste5l18919.cpl
c:\windows\system32\77z7tro59df.dll
c:\windows\system32\782bs9yware117z5.ocx
c:\windows\system32\7874bac5do9r112z.exe
c:\windows\system32\78z5hrea932126.bin
c:\windows\system32\7a5c9owzloade51182.dll
c:\windows\system32\7af6th5e9t248z8.bin
c:\windows\system32\7b49viz859.cpl
c:\windows\system32\7be0stea51z619.dll
c:\windows\system32\7cz9thie53167.cpl
c:\windows\system32\7e97zpyware525.bin
c:\windows\system32\7f91dowzl9ader6215.dll
c:\windows\system32\7fvzr935.exe
c:\windows\system32\7z70t59j60.bin
c:\windows\system32\7z9thie553.ocx
c:\windows\system32\7zc1thr5a924320.ocx
c:\windows\system32\7zdd9wn5oader194.dll
c:\windows\system32\835thzef91655.ocx
c:\windows\system32\8497troz5fb.dll
c:\windows\system32\8518no9-a-vizus269.dll
c:\windows\system32\879thre9t20z205.dll
c:\windows\system32\8949zot-a5virus21b9.exe
c:\windows\system32\8995n5t9a-virzs679.ocx
c:\windows\system32\8z34spa95ot443.dll
c:\windows\system32\902845roz742.bin
c:\windows\system32\9078v5r311z.bin
c:\windows\system32\9093v5zusaf.cpl
c:\windows\system32\90edaddwarez253.exe
c:\windows\system32\913v5z949.bin
c:\windows\system32\9154troj3z3.ocx
c:\windows\system32\915avir4z5.dll
c:\windows\system32\91dthzef30895.cpl
c:\windows\system32\92zdown9oader1505.bin
c:\windows\system32\9304trzj85.cpl
c:\windows\system32\9339viz5s669.dll
c:\windows\system32\93458hackto5l5z5.bin
c:\windows\system32\9357spy545z.exe
c:\windows\system32\9400t5rzat21786.ocx
c:\windows\system32\94835virus5zc.ocx
c:\windows\system32\9507spy3z75.cpl
c:\windows\system32\9525addwzre845.exe
c:\windows\system32\95535zirus75f.cpl
c:\windows\system32\95773z5rus5a3.bin
c:\windows\system32\9609spam5oz99.cpl
c:\windows\system32\966s9eal2570z.ocx
c:\windows\system32\973z4hacktoo5ba.ocx
c:\windows\system32\974z9worm85.cpl
c:\windows\system32\9754zormbf.ocx
c:\windows\system32\986espyware18z65.cpl
c:\windows\system32\9915viruz1c4.cpl
c:\windows\system32\9955downloader2z05.ocx
c:\windows\system32\99ddbackdooz2545.ocx
c:\windows\system32\9a955ir125z.bin
c:\windows\system32\9ad5thief214z.exe
c:\windows\system32\9ec2zpars52729.cpl
c:\windows\system32\9f05thzeat2957.exe
c:\windows\system32\9z993spy1995.exe
c:\windows\system32\9za2backdoor5434.ocx
c:\windows\system32\9zcdspyware26425.bin
c:\windows\system32\a76zack5oor3971.dll
c:\windows\system32\a9cbackdz9r956.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\b29tzr5at23404.ocx
c:\windows\system32\b75sp9ware15z7.cpl
c:\windows\system32\b9f5zeal1644.exe
c:\windows\system32\c09ddza5e3027.dll
c:\windows\system32\c69st5zl1269.bin
c:\windows\system32\cect5zef3919.ocx
c:\windows\system32\d59sparse3z74.ocx
c:\windows\system32\drivers\MSIVXcfdhcvtyqiuyojontpyqvkibeuxperdw.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\e9e9pyware59z6.dll
c:\windows\system32\e9zs5yware1448.dll
c:\windows\system32\f60download59z211.cpl
c:\windows\system32\fz9thief5198.ocx
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\KBL.LOG
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXtudspfkaisnprxwrssqktvbadpoqfipu.dll
c:\windows\system32\MSIVXxfllixiimmmwdlmgwevvqajngsxyhvec.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
c:\windows\system32\z1199virus758.bin
c:\windows\system32\z1518vi9us624.bin
c:\windows\system32\z151spywa9e1922.bin
c:\windows\system32\z1946troj35.dll
c:\windows\system32\z2414not-a-v95us6c0.dll
c:\windows\system32\z2bthief4599.ocx
c:\windows\system32\z3b1vir529.ocx
c:\windows\system32\z479troj1845.exe
c:\windows\system32\z515threat5998.cpl
c:\windows\system32\z552sp95d7.ocx
c:\windows\system32\z5585wo9m5fd.ocx
c:\windows\system32\z5599v5rus737.ocx
c:\windows\system32\z594downloader1885.bin
c:\windows\system32\z595threa59706.exe
c:\windows\system32\z59cad9ware1555.bin
c:\windows\system32\z5c3sparse5693.exe
c:\windows\system32\z6935wo5m459.cpl
c:\windows\system32\z90f5hief2297.dll
c:\windows\system32\z9539v9rus5bb.ocx
c:\windows\system32\z9800tro5145.bin
c:\windows\system32\z995spy4a2.cpl
c:\windows\system32\zbc2vir2559.dll
c:\windows\system32\zce85parse1939.exe
c:\windows\system32\zf85addwar91882.exe
c:\windows\z06625i9us71.dll
c:\windows\z092v9rus157.exe
c:\windows\z114hac9t5ol245.cpl
c:\windows\z1649orm2195.exe
c:\windows\z1b9steal757.exe
c:\windows\z2058not-a-vir5s9fa.ocx
c:\windows\z2848w5rm79a.cpl
c:\windows\z2949roj195.bin
c:\windows\z2960hackt5ol665.exe
c:\windows\z34cthre5t2019.cpl
c:\windows\z4455sp95d2.dll
c:\windows\z533hackt9ol52.exe
c:\windows\z5365t9oj20c.exe
c:\windows\z5557spy59a.ocx
c:\windows\z5705spamb9t6e75.dll
c:\windows\z58dthreat20419.exe
c:\windows\z59499irus5a5.exe
c:\windows\z660s95mbot6d3.cpl
c:\windows\z745hac9tool65e5.exe
c:\windows\z8259spamb5t971.dll
c:\windows\z8575spy902.ocx
c:\windows\z9255troj1b99.cpl
c:\windows\z9c0t9re5t25299.dll
c:\windows\z9est5al1629.exe
c:\windows\zb01ad5wa9e1763.cpl
c:\windows\zbc5thie91819.ocx
c:\windows\zc4dthreat52629.bin
c:\windows\zc93addwar51972.cpl
c:\windows\zf4a9pyware2235.bin
D:\Desktop.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_MSIVXserv.sys
((((((((((((((((((((((((( Files Created from 2009-06-02 to 2009-07-02 )))))))))))))))))))))))))))))))
.
2009-07-02 12:24 . 2009-07-02 12:24 -------- d-----w- c:\users\Philip\AppData\Local\temp
2009-07-01 23:27 . 2009-07-01 23:27 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-07-01 23:27 . 2009-07-01 23:27 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-07-01 23:27 . 2009-07-01 23:27 -------- d-----w- c:\program files\OpenAL
2009-06-29 19:47 . 2009-06-29 19:47 -------- d-----w- c:\program files\Fotosizer
2009-06-29 17:44 . 2009-06-30 15:39 -------- d-----w- c:\program files\Photo Viewer
2009-06-27 01:50 . 2009-06-29 00:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-27 01:50 . 2009-06-29 00:38 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-24 13:58 . 2009-06-24 13:58 -------- d-----w- c:\users\Philip\AppData\Roaming\mplayer
2009-06-24 01:27 . 2006-10-12 16:29 83504 ----a-w- c:\programdata\AOL OCP\AIM\Storage\All Users\SUDS_BBC2683C\TEMP\ProgUpd.dll
2009-06-22 17:57 . 2009-06-22 17:57 -------- d-----w- c:\users\Philip\AppData\Roaming\Malwarebytes
2009-06-22 17:48 . 2009-06-22 17:48 -------- d-----w- c:\program files\Trend Micro
2009-06-22 16:51 . 2009-06-17 15:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-22 16:51 . 2009-06-22 17:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-22 16:51 . 2009-06-22 16:51 -------- d-----w- c:\programdata\Malwarebytes
2009-06-22 16:51 . 2009-06-17 15:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-22 15:02 . 2009-06-22 15:02 -------- d-----w- c:\program files\CCleaner
2009-06-21 20:19 . 2009-06-21 20:19 35 ----a-w- c:\users\Philip\AppData\Roaming\SetValue.bat
2009-06-19 04:56 . 2009-06-19 05:07 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-17 16:29 . 2009-06-17 16:29 -------- d-----w- c:\users\Philip\AppData\Roaming\Xerox
2009-06-16 19:01 . 2009-06-16 19:01 -------- d-----w- c:\users\Philip\AppData\Roaming\Yahoo!
2009-06-16 19:01 . 2009-06-16 19:01 -------- d-----w- c:\users\Philip\AppData\Roaming\GrabPro
2009-06-16 19:01 . 2009-06-16 19:03 -------- d-----w- c:\users\Philip\AppData\Roaming\Orbit
2009-06-15 18:08 . 2009-06-15 19:58 -------- d-----w- c:\users\Philip\AppData\Local\LogMeIn Rescue Calling Card
2009-06-15 18:08 . 2009-06-15 18:09 -------- d-----w- c:\program files\LogMeIn Rescue Calling Card
2009-06-15 15:37 . 2008-06-19 21:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-06-15 15:37 . 2009-06-15 15:37 -------- d-----w- c:\program files\Panda Security
2009-06-12 21:03 . 2009-06-12 21:03 -------- d-----w- c:\program files\MagicISO
2009-06-12 18:51 . 2009-06-12 18:51 -------- d-----w- c:\users\Philip\AppData\Roaming\dvdcss
2009-06-12 18:07 . 2009-06-12 18:07 -------- d-----w- c:\users\Philip\AppData\Local\MagicSoftware
2009-06-12 18:07 . 2009-06-12 18:07 -------- d-----w- C:\MAGICDVDCOPY_TEMP
2009-06-12 18:06 . 2009-06-12 18:07 -------- d-----w- c:\users\Philip\AppData\Roaming\Vso
2009-06-12 18:06 . 2009-06-12 18:06 47360 ----a-w- c:\users\Philip\AppData\Roaming\pcouffin.sys
2009-06-12 17:51 . 2009-06-12 17:51 -------- d-----w- c:\program files\M4aMp3
2009-06-11 16:20 . 2009-06-11 16:21 -------- d-----w- c:\program files\win32dasm
2009-06-11 16:08 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-06-11 16:08 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-10 16:25 . 2009-06-30 12:26 -------- d-----w- c:\windows\LTSVC
2009-06-10 15:12 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-09 15:16 . 2009-06-09 15:16 -------- d-----w- c:\users\Philip\AppData\Roaming\LabTech Software
2009-06-07 22:46 . 2009-06-09 17:01 -------- d-----w- c:\program files\tsearch
2009-06-05 16:50 . 2009-01-14 19:16 -------- d-----w- C:\accsdk_win32_1_6_8
2009-06-04 21:31 . 2009-06-04 21:31 -------- d-----w- c:\users\Philip\AppData\Local\LabTech Software LLC
2009-06-04 21:15 . 2009-06-25 15:08 -------- d-----w- c:\program files\LabTech Client
2009-06-02 13:56 . 2009-06-02 13:56 -------- d-----w- c:\program files\iPod
2009-06-02 13:56 . 2009-06-02 13:56 -------- d-----w- c:\program files\iTunes
2009-06-02 13:53 . 2009-06-02 13:54 -------- d-----w- c:\program files\QuickTime
2009-06-02 13:46 . 2009-06-02 13:46 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-02 12:06 . 2009-02-01 01:21 -------- d-----w- c:\programdata\VMware
2009-07-02 12:04 . 2008-05-01 02:51 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-02 12:04 . 2008-10-09 14:58 -------- d-----w- c:\users\Philip\AppData\Roaming\DNA
2009-07-02 10:49 . 2008-09-28 15:38 -------- d-----w- c:\programdata\Google Updater
2009-07-02 10:46 . 2008-10-09 14:58 -------- d-----w- c:\program files\DNA
2009-07-01 23:59 . 2009-05-27 16:45 -------- d-----w- c:\users\Philip\AppData\Roaming\.anki
2009-07-01 00:02 . 2008-09-30 20:42 -------- d-----w- c:\users\Philip\AppData\Roaming\BitTorrent
2009-06-24 01:29 . 2008-02-29 04:27 -------- d-----w- c:\program files\AIM6
2009-06-24 01:29 . 2008-02-29 04:28 -------- d-----w- c:\programdata\Viewpoint
2009-06-24 01:28 . 2009-06-24 01:28 -------- d-----w- c:\programdata\AOL Downloads
2009-06-23 18:37 . 2008-10-14 01:32 -------- d-----w- c:\program files\Steam
2009-06-21 20:19 . 2009-06-21 20:19 691 ----a-w- c:\users\Philip\AppData\Roaming\GetValue.vbs
2009-06-19 17:11 . 2008-08-12 02:26 7944 ----a-w- c:\users\Philip\AppData\Local\d3d9caps.dat
2009-06-19 13:35 . 2008-09-28 15:38 -------- d-----w- c:\program files\Google
2009-06-17 00:51 . 2008-07-11 13:29 -------- d-----w- c:\program files\Yahoo!
2009-06-16 18:36 . 2008-07-27 05:25 1700880 ----a-w- c:\programdata\WildTangent\My HP Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2009-06-12 21:02 . 2008-12-30 18:10 -------- d-----w- c:\program files\Xilisoft
2009-06-11 16:10 . 2008-02-29 05:15 -------- d-----w- c:\programdata\Microsoft Help
2009-06-11 14:12 . 2008-02-29 04:51 -------- d-----w- c:\program files\Microsoft Works
2009-06-10 16:24 . 2008-07-14 01:34 -------- d-----w- c:\program files\Business Objects
2009-06-10 15:15 . 2008-07-15 23:40 27430 ----a-w- c:\users\Philip\AppData\Roaming\nvModes.dat
2009-06-09 17:00 . 2008-12-05 14:24 -------- d-----w- c:\program files\DOSBox-0.72
2009-06-09 16:41 . 2008-07-14 01:18 1715456 ----a-w- c:\programdata\Microsoft\VisualStudio\9.0\1033\ResourceCache.dll
2009-06-04 14:52 . 2009-05-26 14:07 -------- d-----w- c:\users\Philip\AppData\Roaming\mIRC
2009-06-02 13:56 . 2008-07-16 15:09 -------- d-----w- c:\program files\Common Files\Apple
2009-06-02 13:56 . 2008-07-16 15:10 -------- d-----w- c:\programdata\Apple Computer
2009-06-01 14:23 . 2008-07-11 13:35 122784 ----a-w- c:\users\Philip\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-01 11:52 . 2009-06-01 11:52 -------- d-----w- c:\users\Philip\AppData\Roaming\Sibelius Software
2009-06-01 11:52 . 2009-06-01 11:52 -------- d-----w- c:\program files\Musicnotes
2009-05-27 18:52 . 2009-05-27 18:52 -------- d-----w- c:\users\Philip\AppData\Roaming\.matplotlib
2009-05-27 16:44 . 2009-05-27 16:44 -------- d-----w- c:\program files\Anki
2009-05-26 14:36 . 2009-05-26 14:30 -------- d-----w- c:\users\Philip\AppData\Roaming\leafChat
2009-05-26 14:24 . 2009-05-26 14:20 -------- d-----w- c:\users\Philip\AppData\Roaming\X-Chat 2
2009-05-22 22:09 . 2009-05-22 22:09 127877 ----a-w- c:\users\Philip\AppData\Roaming\Move Networks\uninstall.exe
2009-05-22 22:09 . 2009-05-22 22:09 -------- d-----w- c:\users\Philip\AppData\Roaming\Move Networks
2009-05-22 22:09 . 2009-05-01 06:30 4183416 ----a-w- c:\users\Philip\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll
2009-05-19 12:48 . 2008-10-14 01:52 -------- d-----w- c:\program files\Common Files\Steam
2009-05-19 05:36 . 2009-06-24 01:28 2884832 ----a-w- c:\programdata\AOL Downloads\SUD4426\vwpt.exe
2009-05-19 05:36 . 2009-06-24 01:28 28 ----a-w- c:\programdata\AOL Downloads\SUD4426\unregister.bat
2009-05-19 05:36 . 2009-06-24 01:28 1484856 ----a-w- c:\programdata\AOL Downloads\SUD4426\toolbar.exe
2009-05-19 05:36 . 2009-06-24 01:28 97072 ----a-w- c:\programdata\AOL Downloads\SUD4426\bsetutil.exe
2009-05-19 05:36 . 2009-06-24 01:28 25 ----a-w- c:\programdata\AOL Downloads\SUD4426\register.bat
2009-05-19 05:36 . 2009-06-24 01:28 142040 ----a-w- c:\programdata\AOL Downloads\SUD4426\alsetup.exe
2009-05-19 05:36 . 2009-06-24 01:28 30512 ----a-w- c:\programdata\AOL Downloads\SUD4426\Uninstaller.exe
2009-05-19 05:36 . 2009-06-24 01:28 111920 ----a-w- c:\programdata\AOL Downloads\SUD4426\AOLSearch.dll
2009-05-17 14:19 . 2008-05-01 03:20 -------- d-----w- c:\programdata\NVIDIA
2009-05-16 20:27 . 2008-05-01 03:15 -------- d-----w- c:\programdata\WildTangent
2009-05-16 01:40 . 2008-10-19 00:52 -------- d-----w- c:\users\Philip\AppData\Roaming\Hamachi
2009-05-15 11:15 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-10 22:36 . 2009-04-02 20:42 10134 ----a-r- c:\users\Philip\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
2009-05-09 21:49 . 2008-07-16 14:13 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-09 05:50 . 2009-06-10 15:13 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 15:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-08 21:47 . 2008-07-14 01:25 -------- d-----w- c:\program files\Microsoft SQL Server
2009-05-01 06:30 . 2009-05-01 06:30 97144 ----a-w- c:\users\Philip\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
2009-04-23 12:42 . 2009-06-10 15:13 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-10 15:13 2033152 ----a-w- c:\windows\system32\win32k.sys
2002-10-25 14:02 . 2008-11-29 01:10 11197 ----a-w- c:\program files\UNWISE.INI
2002-07-26 21:02 . 2008-11-29 01:10 153088 ----a-w- c:\program files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 22:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-16 342848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-08 159744]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-09-13 222504]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2008-10-22 1310720]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2008-10-29 64048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-07-17 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-09 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-09 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-09 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
Network Monitoring Tray.lnk - c:\windows\LTSVC\LTTray.exe [2009-4-22 430080]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi8"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3958591771-1126899415-3006480088-1000]
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7C154DA9-96B9-4480-91C3-8FC2F9E01536}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{3BD5CE79-4436-4204-921D-1B8E51162E77}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{0A22178B-C5CD-4868-A8BA-B91A7681A0E9}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{ACE79C0C-21A9-4443-8313-E2B400B9DBD3}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{167BE05E-A65C-476A-A01B-C3B1D78BD124}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{A9AAFC9D-2385-4528-8147-2519D1E2E1D5}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{FA68AEC2-F352-4337-AB0D-991D8FB54BD9}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{EB15CD0A-D009-44CE-8D41-FBCFEB5A258F}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{505D8E7A-4BB1-4FD4-A73E-02A96164BEF3}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{654E0CEE-A297-4719-8778-E49A092A41E8}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{F87F295F-D795-4C1B-98E2-E0955B847972}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{7B247066-E8AC-4016-A7F5-F3630CA7E4E4}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{2EABEA6B-73BF-446A-8DC8-B255652F4D6B}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{CC729256-DA9F-44C5-A9B5-4B9F998E636C}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{E1FAFD41-C7BF-45FD-920F-67FA51F44337}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"{3ABAD78C-05F7-4619-8CA3-739C26E03466}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A85F20C8-3066-4078-950F-E813E3719505}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{BE125A03-74A0-45D2-BD91-E54CD9C912E3}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{291828A2-3AB2-497C-AAAE-F478DCA1B19E}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{11404974-2A62-407A-A39D-A54831E2E211}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{257038C4-4CF1-4BE8-B661-8088A92B2DAF}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{5683661D-BA0F-4D65-BB13-ED813963C381}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{E2B569E8-E927-4CA8-8F74-72FB7BBF7569}c:\\program files\\aim6\\aim6.exe"= UDP:c:\program files\aim6\aim6.exe:AIM
"UDP Query User{3C0BACDA-73B9-4208-AC1D-58BF4DAEC73C}c:\\program files\\aim6\\aim6.exe"= TCP:c:\program files\aim6\aim6.exe:AIM
"TCP Query User{BCABF9FE-5028-4779-A3B3-38B4839510CD}c:\\program files\\ea games\\mohaa\\mohaa.exe"= UDP:c:\program files\ea games\mohaa\mohaa.exe:Medal of Honor Allied Assault
"UDP Query User{C5988953-5A62-4229-8B28-001199BC98E5}c:\\program files\\ea games\\mohaa\\mohaa.exe"= TCP:c:\program files\ea games\mohaa\mohaa.exe:Medal of Honor Allied Assault
"{150B576A-7F2E-4C95-9071-742B152352E0}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{64DC54EE-4E49-4E34-9606-74C706C0EBCC}"= TCP:c:\program files\DNA\btdna.exe:DNA
"TCP Query User{801B2BC8-C9DC-4754-9FC3-C57B5F4AB033}c:\\program files\\steam\\steamapps\\carpenoctum319\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\carpenoctum319\counter-strike source\hl2.exe:hl2
"UDP Query User{F4D26217-C3B0-4895-99E5-E994B3AF308E}c:\\program files\\steam\\steamapps\\carpenoctum319\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\carpenoctum319\counter-strike source\hl2.exe:hl2
"TCP Query User{0D49E10D-EC5B-4656-B184-BFA7C3D4240A}c:\\program files\\steam\\steamapps\\carpenoctum319\\half-life 2 deathmatch\\hl2.exe"= UDP:c:\program files\steam\steamapps\carpenoctum319\half-life 2 deathmatch\hl2.exe:hl2
"UDP Query User{40848A26-C91C-4692-8A7A-465FE1E6E3FE}c:\\program files\\steam\\steamapps\\carpenoctum319\\half-life 2 deathmatch\\hl2.exe"= TCP:c:\program files\steam\steamapps\carpenoctum319\half-life 2 deathmatch\hl2.exe:hl2
"{AC022B66-6B39-41C5-8F50-6AAA9FFEDEA0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{F803E459-5EBA-4884-BA34-FC2610805F6B}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A229AEBE-424F-4A9F-8219-4248081AF9F5}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{7CF89123-7FFE-40A2-A7E7-1E2154EE99D2}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{CF7F479C-DF5C-4B9F-A0D3-19F37987AB75}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"UDP Query User{4A0AECE0-16D9-49B3-ADC6-22289156E8DA}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"TCP Query User{1AF57C22-E449-44D9-A842-CE6C0AA61D84}c:\\program files\\eclipse\\eclipse.exe"= UDP:c:\program files\eclipse\eclipse.exe:eclipse
"UDP Query User{46006C01-3978-4269-B96D-D30D15F55063}c:\\program files\\eclipse\\eclipse.exe"= TCP:c:\program files\eclipse\eclipse.exe:eclipse
"{E5639647-68F6-416D-99BF-75C4DF80BD9A}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{C2F477DF-875D-45CB-97F5-6A0299EDC36E}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{D530270E-08EF-4014-9AA4-CFF9AE0AD947}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{5F63CC25-612A-41CE-864E-5CED2977F459}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"{22F0C051-E72E-43D8-AF57-58298F24173A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{180D498F-D31C-4E55-8F3D-23B6CC2610BD}c:\\program files\\starcraft\\starcraft.exe"= UDP:c:\program files\starcraft\starcraft.exe:StarCraft
"UDP Query User{2CA1A1F9-BC04-40D8-8202-A5E0748B4B4C}c:\\program files\\starcraft\\starcraft.exe"= TCP:c:\program files\starcraft\starcraft.exe:StarCraft
"TCP Query User{DEC797D8-20F2-4DF7-A6FF-FFAC535FECCD}c:\\program files\\torque game engine demo\\demo.exe"= UDP:c:\program files\torque game engine demo\demo.exe:demo
"UDP Query User{A518F63E-FA2E-4DB6-AFBD-89E18B6106BE}c:\\program files\\torque game engine demo\\demo.exe"= TCP:c:\program files\torque game engine demo\demo.exe:demo
"TCP Query User{CEBA2B90-308C-43C7-B2B1-E2678B052155}c:\\xampp\\apache\\bin\\apache.exe"= UDP:c:\xampp\apache\bin\apache.exe:Apache HTTP Server
"UDP Query User{B97F55FF-C38A-4F26-A78A-DA1A40A3F74A}c:\\xampp\\apache\\bin\\apache.exe"= TCP:c:\xampp\apache\bin\apache.exe:Apache HTTP Server
"TCP Query User{02FEAEB1-6154-4BE5-A456-685E7DF12AF7}c:\\xampp\\mysql\\bin\\mysqld.exe"= UDP:c:\xampp\mysql\bin\mysqld.exe:mysqld
"UDP Query User{6F4D13FA-B907-49C2-8877-ED78A54A8382}c:\\xampp\\mysql\\bin\\mysqld.exe"= TCP:c:\xampp\mysql\bin\mysqld.exe:mysqld
"TCP Query User{80E9F7E1-E234-4F89-AD59-3BB3CE6B9966}c:\\program files\\phpdesigner 2008\\phpdesigner2008.exe"= UDP:c:\program files\phpdesigner 2008\phpdesigner2008.exe:phpDesigner2008
"UDP Query User{22EA4F66-C377-4D31-943A-3070F71E857F}c:\\program files\\phpdesigner 2008\\phpdesigner2008.exe"= TCP:c:\program files\phpdesigner 2008\phpdesigner2008.exe:phpDesigner2008
"TCP Query User{B7BD7AF3-C00E-4DAF-B6D2-7F6B0AE98B50}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{85C96C69-7BA6-4D37-9965-7996C746CFBB}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E183F825-3220-4E1C-9BB6-27654D0072ED}"= UDP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{389BCAEB-4BF8-49AA-9DEE-E0370E838D92}"= TCP:c:\program files\Anyplace Control 4\apc_host.exe:Anyplace Control - Host Module
"{F0A333B8-7BCB-4F71-AD83-71F241BDD0DE}"= UDP:c:\program files\VMware\VMware Player\vmware-authd.exe:VMware Authd
"{33BA8516-6F1B-408C-AB39-AFA851ADAFFB}"= TCP:c:\program files\VMware\VMware Player\vmware-authd.exe:VMware Authd
"TCP Query User{B5D455B3-A4B5-436B-8BB7-DA6B09744167}c:\\program files\\steam\\steamapps\\carpenoctum319\\source sdk base\\hl2.exe"= UDP:c:\program files\steam\steamapps\carpenoctum319\source sdk base\hl2.exe:hl2
"UDP Query User{7EED8399-8E53-4A9C-8415-F929086DC6FD}c:\\program files\\steam\\steamapps\\carpenoctum319\\source sdk base\\hl2.exe"= TCP:c:\program files\steam\steamapps\carpenoctum319\source sdk base\hl2.exe:hl2
"TCP Query User{E7E24832-4E4A-4A66-B5C3-497E66957253}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"UDP Query User{063D21C6-F560-47F2-9336-D29A2D5A5E80}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client
"{9AA045E5-7B9D-41B1-8310-C5D913CFFC20}"= UDP:c:\program files\CCFile\ccfile.exe:CCFile
"{76A7B4A9-11E9-4BCC-BA4B-7391A298C6E5}"= TCP:c:\program files\CCFile\ccfile.exe:CCFile
"{38909F9A-AF83-45CF-8667-5634230F395E}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{2676C7E1-2168-4FB3-818A-9D75975CF212}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6B65DC03-5DEF-4DDA-BA9F-3B60D1D744F5}"= UDP:c:\program files\Steam\SteamApps\common\geometry wars\GeometryWars.exe:Geometry Wars
"{06699FA1-117F-49CE-8A73-33BB9E5D466A}"= TCP:c:\program files\Steam\SteamApps\common\geometry wars\GeometryWars.exe:Geometry Wars
"TCP Query User{83DA0233-C200-4552-BA87-559C4773DA56}c:\\worms armageddon\\wa.exe"= UDP:c:\worms armageddon\wa.exe:Worms Armageddon
"UDP Query User{F2314B2E-B9B5-4420-B618-5E7E3E50DBD2}c:\\worms armageddon\\wa.exe"= TCP:c:\worms armageddon\wa.exe:Worms Armageddon
"{714B7C88-ADC5-49E9-A392-7AD4B023A255}"= UDP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service
"{944C3344-5230-4986-BD23-817A5585E39E}"= TCP:c:\program files\McAfee\Common Framework\FrameworkService.exe:McAfee Framework Service
"TCP Query User{C7E9FDFF-FA64-49BC-BF24-14A65846BD8E}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{376DCA30-59C9-4EFF-9689-A10348EC5E5D}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{40E4D570-07E5-4C85-80F2-50D923DD4323}c:\\program files\\xchat\\xchat.exe"= UDP:c:\program files\xchat\xchat.exe:XChat IRC Client
"UDP Query User{F0E851D2-9BAA-4858-93DB-EAD06C553B90}c:\\program files\\xchat\\xchat.exe"= TCP:c:\program files\xchat\xchat.exe:XChat IRC Client
"TCP Query User{996E9420-6C82-4D4B-8A6B-6CD95B0323D1}c:\\windows\\system32\\javaw.exe"= UDP:c:\windows\system32\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{AC2D289F-4520-486B-906D-AECB64F96C91}c:\\windows\\system32\\javaw.exe"= TCP:c:\windows\system32\javaw.exe:Java(TM) Platform SE binary
"{4571E4D8-28AB-44B3-93B8-253C544AC574}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{03ABA3B7-64DE-4AA6-B42B-BCF3A30287DA}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{86618C97-3D61-4E24-A85C-35725B787170}c:\\program files\\labtech client\\ltclient.exe"= UDP:c:\program files\labtech client\ltclient.exe:LTClient
"UDP Query User{7A6D1D12-5D3C-4C8B-8B6D-CF954FAC2C40}c:\\program files\\labtech client\\ltclient.exe"= TCP:c:\program files\labtech client\ltclient.exe:LTClient
"TCP Query User{12FE33EF-DB63-414A-9DD3-C2EC0AE15643}c:\\accsdk_win32_1_6_8\\dist\\release\\accbuddy.exe"= UDP:c:\accsdk_win32_1_6_8\dist\release\accbuddy.exe:AccBuddy Sample Application
"UDP Query User{4119EC3C-8A30-4A11-AE1F-119F7A706500}c:\\accsdk_win32_1_6_8\\dist\\release\\accbuddy.exe"= TCP:c:\accsdk_win32_1_6_8\dist\release\accbuddy.exe:AccBuddy Sample Application
"TCP Query User{4033AAB6-C154-4002-B67A-15DE80E5FE28}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{239F2AF2-D097-4060-B67A-54C5B98913DC}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{ADC6B8E6-6B9C-4366-A7AA-B0912EF4DAA3}c:\\users\\philip\\appdata\\local\\temp\\rarsfx0\\windows utilities\\installer32\\installationmanager.exe"= UDP:c:\users\philip\appdata\local\temp\rarsfx0\windows utilities\installer32\installationmanager.exe:installationmanager.exe
"UDP Query User{E5EF110D-8512-47C3-A57D-3269C56093FD}c:\\users\\philip\\appdata\\local\\temp\\rarsfx0\\windows utilities\\installer32\\installationmanager.exe"= TCP:c:\users\philip\appdata\local\temp\rarsfx0\windows utilities\installer32\installationmanager.exe:installationmanager.exe
"TCP Query User{9860E65A-9432-44A8-9B0F-83687E9DE417}c:\\xampp\\apache\\bin\\apache.exe"= UDP:c:\xampp\apache\bin\apache.exe:Apache HTTP Server
"UDP Query User{66B44BAB-533F-4929-80C9-66369222AC8F}c:\\xampp\\apache\\bin\\apache.exe"= TCP:c:\xampp\apache\bin\apache.exe:Apache HTTP Server
"TCP Query User{D2C65975-9F06-4D7D-A7B7-449766923317}c:\\xampp\\mysql\\bin\\mysqld.exe"= UDP:c:\xampp\mysql\bin\mysqld.exe:mysqld
"UDP Query User{FB39A351-4C19-4C4C-A2CC-8BE1242A5E93}c:\\xampp\\mysql\\bin\\mysqld.exe"= TCP:c:\xampp\mysql\bin\mysqld.exe:mysqld
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= c:\program files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"c:\\Program Files\\xchat\\xchat.exe"= c:\program files\xchat\xchat.exe:*:Enabled:XChat IRC Client
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [6/15/2009 11:37 AM 28544]
R2 CALoadService;CALoadService;c:\program files\AMD\CodeAnalyst\bin\CALoadService.exe [10/30/2008 4:07 PM 65536]
R2 KodakSvc;Kodak AiO Device Service;c:\program files\Kodak\Printer\Center\KodakSvc.exe [12/13/2007 11:07 AM 18944]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [1/22/2009 5:31 AM 185640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [7/11/2008 9:51 PM 24652]
R2 vmci;VMware vmci;c:\windows\System32\drivers\vmci.sys [10/29/2008 12:01 AM 54960]
R3 CAPROF;CAPROF;c:\program files\AMD\CodeAnalyst\bin\caprof.sys [10/30/2008 4:01 PM 47160]
S2 gupdate1c9f0e262a2b55a;Google Update Service (gupdate1c9f0e262a2b55a);c:\program files\Google\Update\GoogleUpdate.exe [6/19/2009 9:32 AM 133104]
S3 PL-40R;CASIO USB MIDI;c:\windows\System32\drivers\pl40rwdm.sys [1/6/2005 6:10 AM 18048]
S4 LTService;Liberteks;c:\windows\LTSvc\LTSVC.exe -sLTService --> c:\windows\LTSvc\LTSVC.exe -sLTService [?]
S4 LTSvcMon;Liberteks CheckUp Util;c:\windows\LTSVC\LTSvcMon.exe [6/10/2009 12:25 PM 86017]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-07-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-28 20:41]
2009-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 13:32]
2009-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-19 13:32]
2009-07-01 c:\windows\Tasks\HPCeeScheduleForPhilip.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-02-29 19:58]
2009-07-02 c:\windows\Tasks\User_Feed_Synchronization-{3B7FE522-F7F9-4C5D-A81E-F5A71EFD17B3}.job
- c:\windows\system32\msfeedssync.exe [2009-03-19 11:31]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Aim6 - (no file)
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gmail.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
Trusted Zone: dyndns.biz\liberteks
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-07-02 08:24
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-07-02 8:27
ComboFix-quarantined-files.txt 2009-07-02 12:27
Pre-Run: 62,214,090,752 bytes free
Post-Run: 62,254,080,000 bytes free
1128 --- E O F --- 2009-06-29 19:12
HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:42: AM, on 7/2/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: LastClosedTab - {e15e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Network Monitoring Tray.lnk = C:\Windows\LTSVC\LTTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Open Last Closed Tab - {e15e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: liberteks.dyndns.biz (HKLM)
O15 - Trusted IP range: 192.168.1.125 (HKLM)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) -
http://cdn.scan.onecare.live.com/res.../wlscctrl2.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -
http://h20270.www2.hp.com/ediags/gmn...Detection2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CALoadService - Advanced Micro Devices - C:\Program Files\AMD\CodeAnalyst\bin\CALoadService.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1c9f0e262a2b55a) (gupdate1c9f0e262a2b55a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10333 bytes