Tech Support Forum - View Single Post - Browser rendered useless, svchost.exe problems.

shinsengumi · 07-11-2009, 02:29 PM

DDS (Ver_09-06-26.01) - NTFSx86
Run by Compaq_Administrator at 15:17:12.59 on Sat 07/11/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.688 [GMT -5:00]

AV: Trend Micro PC-cillin Internet Security 2006 *On-access scanning disabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro PC-cillin Internet Security (Firewall) *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\WINDOWS\arservice.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\srvany.exe
C:\pvsw\bin\w3dbsmgr.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\windows\ld11.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\windows\pp10.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\MirageBot\MirageBot.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe -k sys
C:\WINDOWS\system32\svchost.exe -k podmena
C:\Documents and Settings\Compaq_Administrator\My Documents\download\ferdinkledink\dds.scr

============== Pseudo HJT Report ===============

uWindow Title = Microsoft Internet Explorer provided by Bellsouth® Internet Service
uStart Page = hxxp://www.my.att.net/
uDefault_Page_URL = hxxp://home.bellsouth.net
uSearch Bar = hxxp://home.bellsouth.net/brw_minisearch
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://accelerator.bellsouth.net/
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
BHO: MRI_DISABLED - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: BHO: {5b1d95a2-f547-4e5e-8902-622b08354622} - c:\windows\system32\iehelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [WordPerfect Office 1215] c:\program files\wordperfect office 12\programs\Registration.exe /title="WordPerfect Office 12" /date=072609 serial=wa12wrx-0000002-hmd lang=EN
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
mRun: [sysldtray] c:\windows\ld11.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [pp] c:\windows\pp10.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_05\bin\npjpi150_05.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: c:\windows\system32\lsp.dll
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://echat.bellsouth.net/sdccommon/download/tgctlcm.cab
DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} - hxxp://asp.mathxl.com/books/_Players/AccountingPlayer.cab
DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} - hxxp://asp.mathxl.com/applets/PearsonInstallAsst.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
TCP: {9F83145F-552A-490E-A765-4B4365BF09E6} = 205.152.132.23 205.152.144.23
Filter: text/html - {3eb98e83-1610-459f-8de8-946e5099c64e} - c:\windows\system32\mst123.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: MRI_DISABLED - c:\windows\system32\__c00E3C7D.dat
LSA: Notification Packages = scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\compaq~1\applic~1\mozilla\firefox\profiles\nkj9z70n.default\
FF - prefs.js: browser.startup.homepage - hxxp://doc.hostingdelivered.com/
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJPI150_05.dll
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPOJI610.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 driverdrv;driverdrv;c:\program files\driver\driver.sys [2009-6-18 9472]
R1 podmenadrv;podmenadrv;c:\program files\podmena\podmena.sys [2009-6-9 9472]
R1 sysdrv;sysdrv;c:\program files\sys\sys.sys [2009-6-25 9344]
R2 LeapFrog Connect Device Service;LeapFrog Connect Device Service;c:\program files\leapfrog\leapfrog connect\CommandService.exe [2009-2-4 991232]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 Pervasive.SQL Workgroup Engine;Pervasive.SQL Workgroup Engine;c:\windows\system32\srvany.exe [2008-8-30 13864]
R2 podmena;podmena;c:\windows\system32\svchost.exe -k podmena [2004-8-10 14336]
R2 sys;sys;c:\windows\system32\svchost.exe -k sys [2004-8-10 14336]
R2 Tmfilter;Tmfilter;c:\windows\system32\drivers\tmxpflt.sys [2005-9-26 190480]
R2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2005-9-26 31248]
R3 acfva;acfva;c:\windows\system32\drivers\ACFVA32.sys [2009-6-23 86656]
R3 dgcfltr;DGC Filter Driver;c:\windows\system32\drivers\ACFDCP32.sys [2009-6-23 28928]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\trendm~1\intern~1\Tmntsrv.exe [2005-9-28 340037]
S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~1\TmPfw.exe [2005-9-12 630845]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\trendm~1\intern~1\tmproxy.exe [2005-9-12 286788]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-4-13 18560]
S3 HSFHWCD2;HSFHWCD2;c:\windows\system32\drivers\HSFHWCD2.sys [2009-6-18 201728]
S3 papycpu;papycpu; [x]
S4 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\ca533av.sys --> c:\windows\system32\drivers\Ca533av.sys [?]
S4 dump_wmimmc;dump_wmimmc;\??\c:\nexon\maplestory\gameguard\dump_wmimmc.sys --> c:\nexon\maplestory\gameguard\dump_wmimmc.sys [?]
S4 USBCamera;Icatch(IV) Still Camera Device;c:\windows\system32\drivers\bulk533.sys --> c:\windows\system32\drivers\Bulk533.sys [?]

=============== Created Last 30 ================

2009-07-10 00:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PCSettings
2009-07-10 00:30 <DIR> --d----- c:\program files\sys
2009-07-10 00:29 <DIR> --d----- c:\windows\Options
2009-07-10 00:28 <DIR> --d----- c:\program files\CONEXANT
2009-07-10 00:28 <DIR> --d----- c:\program files\driver
2009-07-10 00:26 <DIR> --d----- c:\program files\common files\muvee Technologies
2009-07-09 23:07 2 a------- c:\windows\0101120101464849.dat
2009-07-09 23:07 1 a------- c:\windows\934fdfg34fgjf23
2009-07-09 23:07 15,360 ----h--- c:\windows\pp10.exe
2009-07-01 16:56 33,792 a------- c:\windows\freddy49.exe
2009-06-28 04:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2009-06-28 04:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton
2009-06-28 03:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller
2009-06-26 23:56 77,161 a------- c:\windows\War3Unin.dat
2009-06-26 23:56 139,264 a------- c:\windows\War3Unin.exe
2009-06-26 23:56 2,829 a------- c:\windows\War3Unin.pif
2009-06-25 18:42 2 a------- c:\windows\010112010146118114.dat
2009-06-25 18:42 15,360 ----h--- c:\windows\ld11.exe
2009-06-24 16:50 139 a------- C:\d45.bat
2009-06-24 16:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Geek Squad
2009-06-23 21:47 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-06-23 17:51 16,128 a------- c:\windows\system32\drivers\MODEMCSA.sys
2009-06-23 17:51 16,128 a------- c:\windows\system32\dllcache\modemcsa.sys
2009-06-23 17:50 26,112 a------- c:\windows\system32\drivers\usbser.sys
2009-06-23 17:50 26,112 a------- c:\windows\system32\dllcache\usbser.sys
2009-06-23 17:45 <DIR> --d----- c:\program files\NetWaiting
2009-06-23 17:44 212,992 a------- c:\windows\system32\UCI32C19.dll
2009-06-23 17:44 147,456 a------- c:\windows\system32\TAP32C03.dll
2009-06-23 17:44 94,208 a------- c:\windows\system32\ACFSDK32.dll
2009-06-23 17:44 86,656 a------- c:\windows\system32\drivers\ACFVA32.sys
2009-06-23 17:44 28,928 a------- c:\windows\system32\drivers\ACFDCP32.sys
2009-06-23 17:44 12,672 a------- c:\windows\system32\drivers\ACFSDK32.sys
2009-06-22 02:11 <DIR> --d----- c:\program files\MirageBot
2009-06-22 02:11 <DIR> --d----- c:\docume~1\compaq~1\applic~1\MirageBot
2009-06-22 00:09 2 ----h--- c:\windows\ro122621.dat
2009-06-20 23:22 2 ----h--- c:\windows\ro122597.dat
2009-06-18 18:58 2 ----h--- c:\windows\ro122689.dat
2009-06-18 17:59 201,728 a------- c:\windows\system32\drivers\HSFHWCD2.sys
2009-06-18 17:59 129,012 a------- c:\windows\system32\drivers\HSFProf.cty
2009-06-18 17:59 32,218 a------- c:\windows\system32\HSFCI009.dll
2009-06-18 17:59 1,041,536 a------- c:\windows\system32\drivers\HSF_DP.sys
2009-06-18 17:59 682,752 a------- c:\windows\system32\drivers\HSF_CNXT.sys
2009-06-18 17:53 14,848 a------- c:\windows\system32\mpnatapi.dll
2009-06-18 17:51 296 a------- c:\windows\artera.usr
2009-06-18 17:48 494 a------- c:\windows\EReg206.dat
2009-06-18 17:45 552,960 -------- c:\windows\system32\FAST2003.ocx
2009-06-18 17:45 204,800 -------- c:\windows\system32\FAST2006.ocx
2009-06-18 17:45 126,976 -------- c:\windows\system32\FAST2004.dll
2009-06-18 17:45 103,744 -------- c:\windows\system32\MSCOMM32.OCX
2009-06-17 18:40 21,504 a------- c:\windows\system32\hidserv.dll
2009-06-17 18:40 21,504 a------- c:\windows\system32\dllcache\hidserv.dll
2009-06-17 18:40 14,592 a------- c:\windows\system32\drivers\kbdhid.sys
2009-06-17 18:40 14,592 a------- c:\windows\system32\dllcache\kbdhid.sys
2009-06-16 19:50 5,632 a------- c:\windows\system32\ptpusb.dll
2009-06-16 19:50 159,232 a------- c:\windows\system32\ptpusd.dll
2009-06-16 18:16 <DIR> --d----- c:\program files\common files\Nikon
2009-06-16 18:16 <DIR> --d----- c:\program files\Nikon
2009-06-16 18:16 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2009-06-12 20:52 2 ----h--- c:\windows\ro123198.dat
2009-06-12 20:52 1 ----h--- c:\windows\bf23567.dat
2009-06-12 19:53 2 ----h--- c:\windows\ro123222.dat
2009-06-12 19:52 2 ----h--- c:\windows\ro123290.dat
2009-06-12 19:48 183,296 a------- c:\windows\system32\lsp.dll
2009-06-12 19:48 96,768 a------- c:\windows\syssvc.exe

==================== Find3M ====================

2009-07-11 13:19 92,947 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-07-11 13:18 45,056 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
2009-07-11 13:18 44,032 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
2009-07-11 13:18 32,768 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
2009-07-11 13:18 341,048 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection3.dll
2009-07-11 13:18 163,840 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
2009-07-11 13:18 61,440 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
2009-07-11 13:18 40,960 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
2009-07-11 13:18 32,768 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
2009-06-16 18:16 106,496 a------- c:\windows\system32\ATL71.DLL
2009-06-13 20:41 10,752 a------- c:\windows\system32\iehelper.dll
2009-06-09 17:47 43,008 ----h--- c:\windows\ld09.exe
2009-06-09 17:47 262,672 a------- c:\windows\sysguard.exe
2009-04-22 00:18 95,232 a------- c:\windows\system32\msscript.ocx.tmp
2006-06-02 15:17 0 ac------ c:\docume~1\compaq~1\applic~1\wklnhst.dat

============= FINISH: 15:17:21.12 ===============

07-11-2009, 02:29 PM	#4 (permalink)
shinsengumi Registered User Join Date: Jul 2009 Posts: 12 OS: win xp	Re: Browser rendered useless, svchost.exe problems. DDS (Ver_09-06-26.01) - NTFSx86 Run by Compaq_Administrator at 15:17:12.59 on Sat 07/11/2009 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.688 [GMT -5:00] AV: Trend Micro PC-cillin Internet Security 2006 On-access scanning disabled (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5} FW: Trend Micro PC-cillin Internet Security (Firewall) enabled {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE svchost.exe C:\WINDOWS\arservice.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\srvany.exe C:\pvsw\bin\w3dbsmgr.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\windows\ld11.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\windows\pp10.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\MirageBot\MirageBot.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe -k sys C:\WINDOWS\system32\svchost.exe -k podmena C:\Documents and Settings\Compaq_Administrator\My Documents\download\ferdinkledink\dds.scr ============== Pseudo HJT Report =============== uWindow Title = Microsoft Internet Explorer provided by Bellsouth® Internet Service uStart Page = hxxp://www.my.att.net/ uDefault_Page_URL = hxxp://home.bellsouth.net uSearch Bar = hxxp://home.bellsouth.net/brw_minisearch mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop uInternet Connection Wizard,ShellNext = hxxp://accelerator.bellsouth.net/ mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop BHO: MRI_DISABLED - No File BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: BHO: {5b1d95a2-f547-4e5e-8902-622b08354622} - c:\windows\system32\iehelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe mRun: [WordPerfect Office 1215] c:\program files\wordperfect office 12\programs\Registration.exe /title="WordPerfect Office 12" /date=072609 serial=wa12wrx-0000002-hmd lang=EN mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe" mRun: [sysldtray] c:\windows\ld11.exe mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe mRun: [Logitech Utility] Logi_MwX.Exe mRun: [pp] c:\windows\pp10.exe mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_05\bin\npjpi150_05.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL LSP: c:\windows\system32\lsp.dll DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://echat.bellsouth.net/sdccommon/download/tgctlcm.cab DPF: {2CA2C9B8-E4F6-4BE9-8601-52ED0AFBA79D} - hxxp://asp.mathxl.com/books/_Players/AccountingPlayer.cab DPF: {4FE89055-5300-469E-AFAD-DEB3181EDE76} - hxxp://asp.mathxl.com/applets/PearsonInstallAsst.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab TCP: {9F83145F-552A-490E-A765-4B4365BF09E6} = 205.152.132.23 205.152.144.23 Filter: text/html - {3eb98e83-1610-459f-8de8-946e5099c64e} - c:\windows\system32\mst123.dll Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll Notify: AtiExtEvent - Ati2evxx.dll Notify: MRI_DISABLED - c:\windows\system32\__c00E3C7D.dat LSA: Notification Packages = scecli ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\compaq~1\applic~1\mozilla\firefox\profiles\nkj9z70n.default\ FF - prefs.js: browser.startup.homepage - hxxp://doc.hostingdelivered.com/ FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava11.dll FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava12.dll FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava13.dll FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava14.dll FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJava32.dll FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJPI150_05.dll FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPOJI610.dll ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); ============= SERVICES / DRIVERS =============== R1 driverdrv;driverdrv;c:\program files\driver\driver.sys [2009-6-18 9472] R1 podmenadrv;podmenadrv;c:\program files\podmena\podmena.sys [2009-6-9 9472] R1 sysdrv;sysdrv;c:\program files\sys\sys.sys [2009-6-25 9344] R2 LeapFrog Connect Device Service;LeapFrog Connect Device Service;c:\program files\leapfrog\leapfrog connect\CommandService.exe [2009-2-4 991232] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R2 Pervasive.SQL Workgroup Engine;Pervasive.SQL Workgroup Engine;c:\windows\system32\srvany.exe [2008-8-30 13864] R2 podmena;podmena;c:\windows\system32\svchost.exe -k podmena [2004-8-10 14336] R2 sys;sys;c:\windows\system32\svchost.exe -k sys [2004-8-10 14336] R2 Tmfilter;Tmfilter;c:\windows\system32\drivers\tmxpflt.sys [2005-9-26 190480] R2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2005-9-26 31248] R3 acfva;acfva;c:\windows\system32\drivers\ACFVA32.sys [2009-6-23 86656] R3 dgcfltr;DGC Filter Driver;c:\windows\system32\drivers\ACFDCP32.sys [2009-6-23 28928] S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\trendm~1\intern~1\Tmntsrv.exe [2005-9-28 340037] S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~1\TmPfw.exe [2005-9-12 630845] S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\trendm~1\intern~1\tmproxy.exe [2005-9-12 286788] S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-4-13 18560] S3 HSFHWCD2;HSFHWCD2;c:\windows\system32\drivers\HSFHWCD2.sys [2009-6-18 201728] S3 papycpu;papycpu; [x] S4 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\ca533av.sys --> c:\windows\system32\drivers\Ca533av.sys [?] S4 dump_wmimmc;dump_wmimmc;\??\c:\nexon\maplestory\gameguard\dump_wmimmc.sys --> c:\nexon\maplestory\gameguard\dump_wmimmc.sys [?] S4 USBCamera;Icatch(IV) Still Camera Device;c:\windows\system32\drivers\bulk533.sys --> c:\windows\system32\drivers\Bulk533.sys [?] =============== Created Last 30 ================ 2009-07-10 00:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PCSettings 2009-07-10 00:30 <DIR> --d----- c:\program files\sys 2009-07-10 00:29 <DIR> --d----- c:\windows\Options 2009-07-10 00:28 <DIR> --d----- c:\program files\CONEXANT 2009-07-10 00:28 <DIR> --d----- c:\program files\driver 2009-07-10 00:26 <DIR> --d----- c:\program files\common files\muvee Technologies 2009-07-09 23:07 2 a------- c:\windows\0101120101464849.dat 2009-07-09 23:07 1 a------- c:\windows\934fdfg34fgjf23 2009-07-09 23:07 15,360 ----h--- c:\windows\pp10.exe 2009-07-01 16:56 33,792 a------- c:\windows\freddy49.exe 2009-06-28 04:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec 2009-06-28 04:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton 2009-06-28 03:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller 2009-06-26 23:56 77,161 a------- c:\windows\War3Unin.dat 2009-06-26 23:56 139,264 a------- c:\windows\War3Unin.exe 2009-06-26 23:56 2,829 a------- c:\windows\War3Unin.pif 2009-06-25 18:42 2 a------- c:\windows\010112010146118114.dat 2009-06-25 18:42 15,360 ----h--- c:\windows\ld11.exe 2009-06-24 16:50 139 a------- C:\d45.bat 2009-06-24 16:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Geek Squad 2009-06-23 21:47 <DIR> --d----- c:\windows\system32\wbem\Repository 2009-06-23 17:51 16,128 a------- c:\windows\system32\drivers\MODEMCSA.sys 2009-06-23 17:51 16,128 a------- c:\windows\system32\dllcache\modemcsa.sys 2009-06-23 17:50 26,112 a------- c:\windows\system32\drivers\usbser.sys 2009-06-23 17:50 26,112 a------- c:\windows\system32\dllcache\usbser.sys 2009-06-23 17:45 <DIR> --d----- c:\program files\NetWaiting 2009-06-23 17:44 212,992 a------- c:\windows\system32\UCI32C19.dll 2009-06-23 17:44 147,456 a------- c:\windows\system32\TAP32C03.dll 2009-06-23 17:44 94,208 a------- c:\windows\system32\ACFSDK32.dll 2009-06-23 17:44 86,656 a------- c:\windows\system32\drivers\ACFVA32.sys 2009-06-23 17:44 28,928 a------- c:\windows\system32\drivers\ACFDCP32.sys 2009-06-23 17:44 12,672 a------- c:\windows\system32\drivers\ACFSDK32.sys 2009-06-22 02:11 <DIR> --d----- c:\program files\MirageBot 2009-06-22 02:11 <DIR> --d----- c:\docume~1\compaq~1\applic~1\MirageBot 2009-06-22 00:09 2 ----h--- c:\windows\ro122621.dat 2009-06-20 23:22 2 ----h--- c:\windows\ro122597.dat 2009-06-18 18:58 2 ----h--- c:\windows\ro122689.dat 2009-06-18 17:59 201,728 a------- c:\windows\system32\drivers\HSFHWCD2.sys 2009-06-18 17:59 129,012 a------- c:\windows\system32\drivers\HSFProf.cty 2009-06-18 17:59 32,218 a------- c:\windows\system32\HSFCI009.dll 2009-06-18 17:59 1,041,536 a------- c:\windows\system32\drivers\HSF_DP.sys 2009-06-18 17:59 682,752 a------- c:\windows\system32\drivers\HSF_CNXT.sys 2009-06-18 17:53 14,848 a------- c:\windows\system32\mpnatapi.dll 2009-06-18 17:51 296 a------- c:\windows\artera.usr 2009-06-18 17:48 494 a------- c:\windows\EReg206.dat 2009-06-18 17:45 552,960 -------- c:\windows\system32\FAST2003.ocx 2009-06-18 17:45 204,800 -------- c:\windows\system32\FAST2006.ocx 2009-06-18 17:45 126,976 -------- c:\windows\system32\FAST2004.dll 2009-06-18 17:45 103,744 -------- c:\windows\system32\MSCOMM32.OCX 2009-06-17 18:40 21,504 a------- c:\windows\system32\hidserv.dll 2009-06-17 18:40 21,504 a------- c:\windows\system32\dllcache\hidserv.dll 2009-06-17 18:40 14,592 a------- c:\windows\system32\drivers\kbdhid.sys 2009-06-17 18:40 14,592 a------- c:\windows\system32\dllcache\kbdhid.sys 2009-06-16 19:50 5,632 a------- c:\windows\system32\ptpusb.dll 2009-06-16 19:50 159,232 a------- c:\windows\system32\ptpusd.dll 2009-06-16 18:16 <DIR> --d----- c:\program files\common files\Nikon 2009-06-16 18:16 <DIR> --d----- c:\program files\Nikon 2009-06-16 18:16 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT 2009-06-12 20:52 2 ----h--- c:\windows\ro123198.dat 2009-06-12 20:52 1 ----h--- c:\windows\bf23567.dat 2009-06-12 19:53 2 ----h--- c:\windows\ro123222.dat 2009-06-12 19:52 2 ----h--- c:\windows\ro123290.dat 2009-06-12 19:48 183,296 a------- c:\windows\system32\lsp.dll 2009-06-12 19:48 96,768 a------- c:\windows\syssvc.exe ==================== Find3M ==================== 2009-07-11 13:19 92,947 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-07-11 13:18 45,056 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe 2009-07-11 13:18 44,032 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe 2009-07-11 13:18 32,768 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll 2009-07-11 13:18 341,048 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection3.dll 2009-07-11 13:18 163,840 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll 2009-07-11 13:18 61,440 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll 2009-07-11 13:18 40,960 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll 2009-07-11 13:18 32,768 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll 2009-06-16 18:16 106,496 a------- c:\windows\system32\ATL71.DLL 2009-06-13 20:41 10,752 a------- c:\windows\system32\iehelper.dll 2009-06-09 17:47 43,008 ----h--- c:\windows\ld09.exe 2009-06-09 17:47 262,672 a------- c:\windows\sysguard.exe 2009-04-22 00:18 95,232 a------- c:\windows\system32\msscript.ocx.tmp 2006-06-02 15:17 0 ac------ c:\docume~1\compaq~1\applic~1\wklnhst.dat ============= FINISH: 15:17:21.12 ===============