Just nu i M3-nätverket
Jump to content

XP-fel Ingen startmeny


Ilkka

Recommended Posts

Fick ett virus som gjorde att det inte gick att komma ut på nätet m.m.

Det hade maskerat sig som wuauct.exe i en ny catalog "program\microsoft common". Startmenyn kom upp om jag lät denna vara kvar men ljud och nät m.m. funkade inte.

När denna nu är borttagen så kommer inte startmenyn upp.

Jag har prövet med att ominstallera via cd och låta den gå till installation av Windows och där tryckt på 2 för reperation.

Windows fungerar så långt som fram till lösen och därefter visas bakgrundsbilden utan ikoner och uten startmeny.

Vad göra ?

 

/Ilkka

 

Link to comment
Share on other sites

Det låter som att det skulle kunna vara:

http://www.f-secure.com/v-descs/worm_w32_autorun_ga.shtml

Sprider sig via alla externa hårddiskar, USB-minnen och iPods och liknande. Så vet du hur datorn blev smittad? Har du anslutit något annat till datorn sedan dess som nu kan ha blivit smittat?

 

Det räcker inte med att bara ta bort Microsoft Common\wuauclt.exe för att bli av med infektionen. Jag kan söka runt lite efter bra tips.

 

Link to comment
Share on other sites

Hej !

Mig veterligt så har jag inte fått in det via annan hårddisk el.dyl.

Förmodligen har jag av misstag klickat på något olämplig i samband med en uppdatering av Delphi.

Mer info :

Jag kan komma åt de flesta program via aktivitetshandlaren även om jag plockar fram ett document så hittas Word samt att det går att få utskrifter. Utforskaren går däremot inte att få upp.

Det verkar vara något steg i inladdningen som inte fungerar.

Ilkka

 

 

Link to comment
Share on other sites

Vi kan se om HijackThis visar något till att börja med. Ladda ner från en av länkarna:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat).

 

I ditt svar bifogar du HijackThis-loggen på detta sätt:

Tryck på LOG-knappen i Besvara-fönstret

Klistra in loggen

Tryck igen på LOG-knappen

 

Link to comment
Share on other sites

OK ! Här är loggen

[log]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:53:16, on 2008-10-23

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\inetsrv\inetinfo.exe

C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE

c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

C:\Program\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe

C:\WINDOWS\system32\taskmgr.exe

C:\WINDOWS\system32\wscntfy.exe

G:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program\Unlocker\UnlockerAssistant.exe" -H

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [sRFirstRun] rundll32 srclient.dll,CreateFirstRunRp

O4 - HKLM\..\Run: [schedulingAgent] mstinit.exe /firstlogon

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"

O4 - HKCU\..\RunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: Nikon Monitor.lnk = C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: http://*.steenaero.com

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1210745509415

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206420287515

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223271774031

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java körtidsmiljö 1.3.1_18) - http://javadl-esd.sun.com/update/1.3.1/jinstall-13-win32.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Panda Software Controller - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe

O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

 

--

End of file - 6605 bytes

[/log]

Ilkka

 

 

Link to comment
Share on other sites

OK ! men det ser ut som om det är program som körs via webben vilket inte går med den datorn eftersom jag inte kan ansluta med den.

Ilkka

 

 

 

Link to comment
Share on other sites

Du ska inte köra något på länken bara läsa om den filen.

 

Ladda ner OTViewIt till Skrivbordet:

http://oldtimer.geekstogo.com/OTViewIt.exe

 

Stäng alla program.

Kör OTViewIt.

Bocka för Scan all Users.

Välj 30 dagar för File Age om det redan är valt.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTViewIt.txt och Extras.txt, klistra in båda två i ditt svar.

 

Link to comment
Share on other sites

OTView och Extras !

[log]

OTViewIt logfile created on: 2008-10-23 21:49:54 - Run 3

OTViewIt by OldTimer - Version 1.0.18.0 Folder = C:\Servp2

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1022,42 Mb Total Physical Memory | 677,09 Mb Available Physical Memory | 66,22% Memory free

2,40 Gb Paging File | 2,18 Gb Available in Paging File | 90,93% Paging File free

Paging file location(s): c:\pagefile.sys 1536 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 58,59 Gb Total Space | 9,78 Gb Free Space | 16,69% Space Free | Partition Type: NTFS

Drive D: | 17,73 Gb Total Space | 10,89 Gb Free Space | 61,41% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 74,52 Gb Total Space | 55,60 Gb Free Space | 74,61% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: HUVUD-DATOR

Current User Name: Administratör

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: Off

File Age = 30 Days

 

========== Processes ==========

 

[2008-04-14 21:35:10 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe

[2003-06-20 09:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

[2004-04-23 06:24:00 | 00,114,755 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe

[2007-07-12 09:08:48 | 00,169,264 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrlS.exe

[2007-07-12 11:45:00 | 00,173,360 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe

[2007-06-14 16:38:02 | 00,063,024 | ---- | M] (Panda Software) -- C:\Program\Delade filer\Panda Software\PavShld\PavPrSrv.exe

[2007-09-28 13:29:00 | 00,148,272 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVSRV51.EXE

[2007-09-28 13:28:58 | 00,096,560 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE

[2007-04-04 10:45:08 | 00,226,864 | ---- | M] (Panda Software International) -- c:\Program\Panda Security\Panda Antivirus + Firewall 2008\FIREWALL\PSHost.exe

[2007-05-24 09:31:26 | 00,108,592 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe

[2008-04-14 21:35:22 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe

[2007-10-24 16:25:50 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

[2007-11-14 13:31:18 | 00,083,248 | ---- | M] (Panda Security International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\WEBPROXY.EXE

[2008-04-14 21:35:26 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe

[2008-04-14 18:05:24 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe

[2008-04-14 21:35:22 | 00,137,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\taskmgr.exe

[2008-10-23 21:44:42 | 00,421,888 | ---- | M] (OldTimer Tools) -- C:\Servp2\OTViewIt.exe

 

========== (O23) Win32 Services ==========

 

[2007-10-24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])

[2007-10-24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

[2008-06-26 10:24:08 | 00,031,592 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])

[2005-04-04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])

[2008-04-14 21:35:10 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN [Auto | Running])

[2003-06-20 09:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])

[2004-04-23 06:24:00 | 00,114,755 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])

[2007-07-12 09:08:48 | 00,169,264 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsCtrlS.exe -- (Panda Software Controller [Auto | Running])

[2007-07-12 11:45:00 | 00,173,360 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe -- (PAVFNSVR [Auto | Running])

[2007-06-14 16:38:02 | 00,063,024 | ---- | M] (Panda Software) -- C:\Program\Delade filer\Panda Software\PavShld\PavPrSrv.exe -- (PavPrSrv [Auto | Running])

[2007-09-28 13:29:00 | 00,148,272 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVSRV51.EXE -- (PAVSRV [Auto | Running])

[2007-04-04 10:45:08 | 00,226,864 | ---- | M] (Panda Software International) -- c:\Program\Panda Security\Panda Antivirus + Firewall 2008\FIREWALL\PSHost.exe -- (PSHost [Auto | Running])

[2007-05-24 09:31:26 | 00,108,592 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe -- (PSIMSVC [Auto | Running])

[2008-04-14 21:35:10 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC [Auto | Running])

[2008-04-14 21:35:22 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe -- (SNMP [Auto | Running])

[2008-04-14 21:35:22 | 00,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])

[2007-10-24 16:25:50 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe -- (TPSrv [Auto | Running])

[2008-04-14 21:35:10 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC [Auto | Running])

[2006-11-15 11:49:34 | 00,912,384 | ---- | M] (Microsoft Corporation) -- C:\Program\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

 

========== Driver Services ==========

 

[2007-09-28 13:05:40 | 00,071,608 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT [system | Running])

File not found -- -- (AvFlt [On_Demand | Running])

[2008-04-14 00:16:34 | 00,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthenum.sys -- (BthEnum [On_Demand | Stopped])

[2008-04-14 00:21:36 | 00,101,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys -- (BthPan [On_Demand | Stopped])

[2008-04-14 21:07:04 | 00,273,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])

[2008-04-14 00:16:30 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthusb.sys -- (BTHUSB [On_Demand | Stopped])

[2004-02-24 03:28:14 | 00,815,360 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda [On_Demand | Running])

[2008-10-22 07:35:22 | 00,013,880 | ---- | M] () -- C:\WINDOWS\system32\drivers\COMFiltr.sys -- (ComFiltr [On_Demand | Stopped])

[2007-06-08 07:44:06 | 00,024,760 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\cpoint.sys -- (cpoint [Auto | Running])

[2004-05-17 15:04:16 | 00,041,984 | ---- | M] (DeviceGuys, Inc.) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp [Auto | Running])

[2007-05-11 08:33:06 | 00,051,256 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT [system | Running])

[2007-11-14 17:48:22 | 00,021,816 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON [system | Running])

[2008-04-14 00:15:30 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])

[2007-07-11 10:39:48 | 00,191,672 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT [system | Running])

[2001-03-01 09:00:00 | 00,041,312 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\system32\MemAcc.sys -- (MEMACC [Auto | Running])

[2001-08-17 22:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])

[2007-10-25 08:50:32 | 00,132,664 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI [system | Running])

[2007-11-19 13:01:50 | 00,143,160 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\netimflt.sys -- (NETIMFLT01050097 [On_Demand | Running])

[2004-04-23 06:24:00 | 02,167,552 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand | Running])

[2004-01-13 06:36:00 | 00,063,744 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus [boot | Running])

[2003-10-29 07:02:00 | 00,021,120 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp [boot | Running])

[2008-04-14 00:26:08 | 00,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx [Auto | Running])

[2002-09-11 14:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb [Auto | Running])

[2002-09-11 14:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx [Auto | Running])

[2008-04-14 00:04:14 | 00,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR [On_Demand | Running])

[2007-09-28 13:24:18 | 00,083,896 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\pavdrv51.sys -- (PAVDRV [Auto | Running])

[2007-07-12 13:49:38 | 00,178,872 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc [Auto | Running])

File not found -- -- (PavSRK.sys [On_Demand | Running])

File not found -- -- (PavTPK.sys [On_Demand | Running])

[2002-09-11 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])

[2007-03-08 01:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

[2008-04-14 00:16:34 | 00,059,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Stopped])

[2002-09-11 14:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM [On_Demand | Running])

[2004-04-13 14:14:12 | 00,070,144 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])

[2008-04-13 22:09:18 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])

[2007-05-23 15:40:30 | 00,038,968 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv [system | Running])

[2007-05-11 08:33:32 | 00,037,304 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\smsflt.sys -- (SMSFLT [system | Running])

[2007-05-11 08:33:34 | 00,030,648 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT [system | Running])

[2002-09-11 14:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [system | Running])

[2001-01-22 15:23:36 | 00,006,080 | ---- | M] (Zeal SoftStudio) -- C:\WINDOWS\system32\zntport.sys -- (zntport [Auto | Running])

 

========== (R ) Internet Explorer ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]

"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Default_Secondary_Page_URL"=

"Extensions Off Page"=about:NoAdd-ons

"Local Page"=%SystemRoot%\system32\blank.htm

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Security Risk Page"=about:SecurityRisk

"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]

"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.google.se/

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main]

"Local Page"=C:\WINDOWS\system32\blank.htm

"Page_Transitions"=

"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

"Start Page"=http://www.google.se/

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyEnable" = 0

 

========== (O1) Hosts File ==========

 

HOSTS File = (710 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts

First 25 entries...

127.0.0.1 localhost

 

========== (O2) BHO's ==========

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]

{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

 

========== (O4) Run Keys ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)

"APVXDWIN"="C:\Program\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s (Panda Software International)

"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)

"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd File not found

"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)

"nwiz"=nwiz.exe /install (NVIDIA Corporation)

"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)

"SchedulingAgent"=mstinit.exe /firstlogon (Microsoft Corporation)

"SRFirstRun"=rundll32 srclient.dll,CreateFirstRunRp (Microsoft Corporation)

"UnlockerAssistant"="C:\Program\Unlocker\UnlockerAssistant.exe" -H ()

 

========== (O4) RunOnce Keys ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"TSClientAXDisabler"=cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat" (Microsoft Corporation)

"TSClientMSIUninstaller"=cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"TSClientAXDisabler"=cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat" (Microsoft Corporation)

"TSClientMSIUninstaller"=cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (Microsoft Corporation)

 

========== (O4) Startup Folders ==========

 

[2007-10-18 20:10:42 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Start-meny\Program\Autostart\Nikon Monitor.lnk = C:\Program\Delade filer\Nikon\Monitor\NkMonitor.exe

[1999-11-04 14:06:48 | 00,113,664 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\All Users.WINDOWS\Start-meny\Program\Autostart\Adobe Gamma Loader.exe.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

[2001-02-13 10:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users.WINDOWS\Start-meny\Program\Autostart\Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

 

========== (O6 & O7) Current Version Policies ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]

"NoDriveTypeAutoRun"=145

 

========== (O8) IE Context Menu Extensions ==========

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office10\EXCEL.EXE [2008-06-20 14:37:18 | 09,068,544 | R--- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\Software\Microsoft\Internet Explorer\MenuExt\]

E&xportera till Microsoft Excel: C:\Program\Microsoft Office\Office10\EXCEL.EXE [2008-06-20 14:37:18 | 09,068,544 | R--- | M] (Microsoft Corporation)

 

========== (O9) IE Extensions ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 18:05:13 | 01,695,232 | -HS- | M] (Microsoft Corporation)

{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008-04-14 18:05:13 | 01,695,232 | -HS- | M] (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:13 | 01,695,232 | -HS- | M] (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:13 | 01,695,232 | -HS- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:13 | 01,695,232 | -HS- | M] (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Extensions\]

CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found

CmdMapping\\{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)

CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008-04-14 18:05:13 | 01,695,232 | -HS- | M] (Microsoft Corporation)

 

========== (O12) Internet Explorer Plugins ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]

PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s

PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

 

========== (O13) Default Prefixes ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]

""=http://

 

========== (O15) Trusted Sites ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

1 domain(s) and sub-domain(s) not assigned to a zone.

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

steenaero.com: http in Tillförlitliga platser

 

[HKEY_USERS\S-1-5-21-746137067-838170752-682003330-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]

steenaero.com: http in Tillförlitliga platser

 

========== (O16) DPF ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]

{5AE58FCF-6F6A-49B2-B064-02492C66E3F4}: http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1210745509415 -- MUCatalogWebControl Class

{6414512B-B978-451D-A0D8-FCFDF33E833C}: http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206420287515 -- WUWebControl Class

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}: http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223271774031 -- MUWebControl Class

{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://javadl-esd.sun.com/update/1.3.1/jinstall-13-win32.cab -- Java Plug-in

{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}: http://java.sun.com/products/plugin/autodl/jinstall-1_3_1_18-windows-i586.cab -- Java Plug-in 1.3.1_18

{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}: http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab -- get_atlcom Class

{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

DirectAnimation Java Classes: file://C:\WINDOWS\Java\classes\dajava.cab -- Reg Error: Key does not exist or could not be opened.

Microsoft XML Parser for Java: file://C:\WINDOWS\Java\classes\xmldso.cab -- Reg Error: Key does not exist or could not be opened.

 

========== (O17) DNS Name Servers ==========

 

{3CE0F06B-2469-4634-B08A-02ABE70A5FCE} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

{5215A72D-9D7A-4CCC-9513-77C07CEB2EC3} (Servers: | Description: )

{6AE80D49-7345-4D9A-A79A-81A5ADA75D25} (Servers: | Description: )

{ED5E9325-6325-443A-BDC5-95A377D1DBA3} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)

 

========== (O20) Winlogon Notify Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]

avldr: "DllName" = avldr.dll -- C:\WINDOWS\system32\avldr.dll (Panda Software International)

 

========== IFEO "Debugger" Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\]

explorer.exe:"Debugger" = C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)

 

========== LSA *Authentication Packages* ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Authentication Packages"=msv1_0,nwprovau,

>[2008-04-14 21:34:46 | 00,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nwprovau.dll

 

========== Safeboot Options ==========

 

"AlternateShell"=cmd.exe

 

========== CDRom AutoRun Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]

"AutoRun" = 1

 

========== Autorun Files on Drives ==========

 

AUTOEXEC.BAT [PATH | ]

[2004-11-01 08:45:19 | 00,000,007 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

 

AUTOEXEC.BAT []

[2008-07-28 11:13:46 | 00,000,000 | ---- | M] () -- G:\AUTOEXEC.BAT -- [ NTFS ]

 

========== MountPoints2 ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{737500ae-13cb-11da-a579-806d6172696f}\Shell]

""=AutoRun

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{737500ae-13cb-11da-a579-806d6172696f}\Shell\AutoRun\command]

""=F:\Autorun.exe -- File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[1 C:\*.tmp files]

[2 C:\WINDOWS\System32\*.tmp files]

[7 C:\WINDOWS\*.tmp files]

[2008-10-23 08:48:25 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbprint.sys

[2008-10-23 08:48:25 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys

[2008-10-22 23:36:50 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpns.dll

[2008-10-22 23:33:59 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2008-10-22 23:26:47 | 01,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll

[2008-10-22 23:26:47 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll

[2008-10-22 23:26:47 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll

[2008-10-22 23:26:44 | 00,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl

[2008-10-22 23:23:54 | 00,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthport.sys

[2008-10-22 23:23:54 | 00,264,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\http.sys

[2008-10-22 23:23:54 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthpan.sys

[2008-10-22 23:23:54 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rfcomm.sys

[2008-10-22 23:23:54 | 00,036,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ip6fw.sys

[2008-10-22 23:23:54 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthusb.sys

[2008-10-22 23:23:54 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthenum.sys

[2008-10-22 23:23:54 | 00,015,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mssmbios.sys

[2008-10-22 23:18:59 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2008-10-22 20:34:16 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1hfm.exe

[2008-10-22 20:33:27 | 00,216,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl

[2008-10-22 20:05:08 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime

[2008-10-22 20:05:08 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime

[2008-10-22 20:05:08 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime

[2008-10-22 20:05:07 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime

[2008-10-22 20:05:07 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime

[2008-10-22 20:05:06 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime

[2008-10-22 20:05:05 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll

[2008-10-22 20:05:05 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys

[2008-10-22 20:05:03 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll

[2008-10-22 20:05:03 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll

[2008-10-22 20:05:02 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll

[2008-10-22 20:05:00 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll

[2008-10-22 20:05:00 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime

[2008-10-22 20:04:59 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe

[2008-10-22 20:04:57 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime

[2008-10-22 20:04:57 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe

[2008-10-22 20:04:57 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe

[2008-10-22 20:04:57 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll

[2008-10-22 20:04:56 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll

[2008-10-22 20:04:56 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys

[2008-10-22 20:04:56 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys

[2008-10-22 20:04:56 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys

[2008-10-22 20:04:52 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll

[2008-10-22 20:04:50 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll

[2008-10-22 20:04:49 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll

[2008-10-22 20:04:48 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll

[2008-10-22 20:04:48 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll

[2008-10-22 20:04:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll

[2008-10-22 20:04:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll

[2008-10-22 20:04:48 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll

[2008-10-22 20:04:48 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll

[2008-10-22 20:04:48 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll

[2008-10-22 20:04:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll

[2008-10-22 20:04:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll

[2008-10-22 20:04:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll

[2008-10-22 20:04:48 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll

[2008-10-22 20:04:48 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll

[2008-10-22 20:04:47 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll

[2008-10-22 20:04:41 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll

[2008-10-22 20:04:41 | 00,080,384 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll

[2008-10-22 20:04:39 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime

[2008-10-22 20:04:38 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe

[2008-10-22 20:04:36 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime

[2008-10-22 20:04:36 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe

[2008-10-22 20:04:35 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe

[2008-10-22 20:04:34 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll

[2008-10-22 20:04:34 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll

[2008-10-22 20:04:34 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll

[2008-10-22 20:04:33 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime

[2008-10-22 20:04:33 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll

[2008-10-22 20:04:33 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime

[2008-10-22 20:04:33 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe

[2008-10-22 20:04:33 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll

[2008-10-22 20:04:33 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll

[2008-10-22 20:04:32 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll

[2008-10-22 20:04:32 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll

[2008-10-22 20:04:32 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll

[2008-10-22 20:04:32 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll

[2008-10-22 20:04:24 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll

[2008-10-22 20:04:19 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex

[2008-10-22 20:04:19 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll

[2008-10-22 20:04:12 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys

[2008-10-22 20:04:11 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll

[2008-10-22 20:04:08 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex

[2008-10-22 20:04:08 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll

[2008-10-22 20:04:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll

[2008-10-22 20:04:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll

[2008-10-22 20:04:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll

[2008-10-22 20:04:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll

[2008-10-22 20:04:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll

[2008-10-22 20:04:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll

[2008-10-22 20:04:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll

[2008-10-22 20:04:06 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll

[2008-10-22 20:04:06 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll

[2008-10-22 20:04:06 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll

[2008-10-22 20:04:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll

[2008-10-22 20:04:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll

[2008-10-22 20:04:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll

[2008-10-22 20:04:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll

[2008-10-22 20:04:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll

[2008-10-22 20:04:05 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll

[2008-10-22 20:04:05 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll

[2008-10-22 20:04:04 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll

[2008-10-22 20:04:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll

[2008-10-22 20:04:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll

[2008-10-22 20:04:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll

[2008-10-22 20:04:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll

[2008-10-22 20:04:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll

[2008-10-22 20:04:04 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll

[2008-10-22 20:04:04 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll

[2008-10-22 20:04:03 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll

[2008-10-22 20:04:00 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll

[2008-10-22 20:04:00 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll

[2008-10-22 20:04:00 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll

[2008-10-22 20:04:00 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe

[2008-10-22 20:03:59 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll

[2008-10-22 20:03:59 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe

[2008-10-22 20:03:59 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll

[2008-10-22 20:03:59 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe

[2008-10-22 20:03:59 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe

[2008-10-22 20:03:59 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe

[2008-10-22 20:03:59 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe

[2008-10-22 20:03:59 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe

[2008-10-22 20:03:59 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll

[2008-10-22 20:03:59 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe

[2008-10-22 20:03:59 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe

[2008-10-22 20:03:59 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe

[2008-10-22 20:03:58 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll

[2008-10-22 20:03:58 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll

[2008-10-22 20:03:58 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime

[2008-10-22 20:03:58 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe

[2008-10-22 20:03:58 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex

[2008-10-22 20:03:58 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll

[2008-10-22 20:03:58 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll

[2008-10-22 20:03:58 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime

[2008-10-22 20:03:58 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll

[2008-10-22 20:03:58 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe

[2008-10-22 20:03:54 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll

[2008-10-22 20:03:51 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll

[2008-10-22 20:03:49 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll

[2008-10-22 20:03:48 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex

[2008-10-22 20:03:48 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll

[2008-10-22 20:03:46 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll

[2008-10-22 20:03:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll

[2008-10-22 20:03:44 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe

[2008-10-22 20:03:43 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll

[2008-10-22 20:03:43 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll

[2008-10-22 20:03:43 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll

[2008-10-22 20:03:43 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys

[2008-10-22 20:03:37 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime

[2008-10-22 20:03:36 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe

[2008-10-22 20:03:36 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe

[2008-10-22 20:03:34 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe

[2008-10-22 20:03:34 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll

[2008-10-22 20:03:34 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll

[2008-10-22 20:03:34 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll

[2008-10-22 20:03:34 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll

[2008-10-22 20:03:34 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime

[2008-10-22 20:03:33 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll

[2008-10-22 20:03:33 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll

[2008-10-22 20:03:33 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime

[2008-10-22 20:03:33 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe

[2008-10-22 20:03:33 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe

[2008-10-22 20:03:33 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe

[2008-10-22 20:03:33 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe

[2008-10-22 20:03:32 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys

[2008-10-22 20:03:32 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll

[2008-10-22 20:03:32 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll

[2008-10-22 20:01:48 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2008-10-22 20:01:23 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll

[2008-10-22 20:01:23 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll

[2008-10-22 20:01:23 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll

[2008-10-22 20:01:23 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll

[2008-10-22 20:01:22 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmsrvc.exe

[2008-10-22 20:01:22 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll

[2008-10-22 20:01:21 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll

[2008-10-22 20:01:20 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll

[2008-10-22 20:01:20 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll

[2008-10-22 20:01:20 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll

[2008-10-22 20:01:20 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll

[2008-10-22 20:01:19 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe

[2008-10-22 20:01:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll

[2008-10-22 20:01:19 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll

[2008-10-22 20:01:19 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe

[2008-10-22 20:01:17 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe

[2008-10-22 20:01:16 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe

[2008-10-22 20:01:16 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgr.dll

[2008-10-22 20:01:16 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2008-10-22 20:01:13 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll

[2008-10-22 20:01:13 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll

[2008-10-22 20:01:13 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srsvc.dll

[2008-10-22 20:01:13 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll

[2008-10-22 20:01:13 | 00,073,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sr.sys

[2008-10-22 20:01:13 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srclient.dll

[2008-10-22 20:01:13 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll

[2008-10-22 20:01:13 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe

[2008-10-22 20:01:12 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msh261.drv

[2008-10-22 20:01:12 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll

[2008-10-22 20:01:12 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll

[2008-10-22 20:01:12 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll

[2008-10-22 20:01:11 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll

[2008-10-22 20:01:11 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll

[2008-10-22 20:01:10 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcomm.dll

[2008-10-22 20:01:09 | 00,277,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstask.dll

[2008-10-22 20:01:09 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schedsvc.dll

[2008-10-22 20:01:09 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe

[2008-10-22 19:59:11 | 00,349,696 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll

[2008-10-22 19:59:11 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe

[2008-10-22 19:59:11 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll

[2008-10-22 19:59:11 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe

[2008-10-22 19:59:11 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl

[2008-10-22 19:59:11 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe

[2008-10-22 19:59:11 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdtcp.sys

[2008-10-22 19:59:11 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe

[2008-10-22 19:59:11 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdpipe.sys

[2008-10-22 19:59:10 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll

[2008-10-22 19:59:10 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll

[2008-10-22 19:59:10 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll

[2008-10-22 19:59:10 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll

[2008-10-22 19:59:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtc.exe

[2008-10-22 19:59:09 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll

[2008-10-22 19:59:09 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll

[2008-10-22 19:59:09 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll

[2008-10-22 19:59:09 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll

[2008-10-22 19:59:09 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll

[2008-10-22 19:59:09 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll

[2008-10-22 19:59:09 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll

[2008-10-22 19:59:09 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll

[2008-10-22 19:59:09 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll

[2008-10-22 19:59:09 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll

[2008-10-22 19:59:09 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll

[2008-10-22 19:59:09 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe

[2008-10-22 19:59:09 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll

[2008-10-22 19:59:08 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatq.dll

[2008-10-22 19:59:08 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll

[2008-10-22 19:59:08 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll

[2008-10-22 19:59:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll

[2008-10-22 19:59:08 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll

[2008-10-22 19:59:07 | 00,059,079 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini

[2008-10-22 19:59:07 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll

[2008-10-22 19:59:07 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll

[2008-10-22 19:59:07 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll

[2008-10-22 19:59:07 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll

[2008-10-22 19:59:07 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll

[2008-10-22 19:59:07 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll

[2008-10-22 19:59:07 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll

[2008-10-22 19:59:07 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll

[2008-10-22 19:59:07 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll

[2008-10-22 19:59:07 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll

[2008-10-22 19:59:07 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll

[2008-10-22 19:59:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll

[2008-10-22 19:59:07 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe

[2008-10-22 19:59:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3svapi.dll

[2008-10-22 19:59:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll

[2008-10-22 19:59:07 | 00,005,379 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.h

[2008-10-22 19:59:07 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w3ctrs.dll

[2008-10-22 19:59:07 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll

[2008-10-22 19:59:06 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx

[2008-10-22 19:59:06 | 00,014,663 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini

[2008-10-22 19:59:06 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisreset.exe

[2008-10-22 19:59:06 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe

[2008-10-22 19:59:06 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll

[2008-10-22 19:59:06 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aspperf.dll

[2008-10-22 19:59:06 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe

[2008-10-22 19:59:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftpsapi2.dll

[2008-10-22 19:59:06 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll

[2008-10-22 19:59:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisrstap.dll

[2008-10-22 19:59:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll

[2008-10-22 19:59:06 | 00,002,024 | ---- | C] () -- C:\WINDOWS\System32\axctrnm.h

[2008-10-22 19:59:05 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll

[2008-10-22 19:59:05 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisrtl.dll

[2008-10-22 19:59:05 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisext.dll

[2008-10-22 19:59:05 | 00,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iismap.dll

[2008-10-22 19:59:05 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll

[2008-10-22 19:59:05 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\admwprox.dll

[2008-10-22 19:59:05 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsloc.dll

[2008-10-22 19:59:05 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll

[2008-10-22 19:59:05 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\exstrace.dll

[2008-10-22 19:59:05 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infoadmn.dll

[2008-10-22 19:59:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wamregps.dll

[2008-10-22 19:59:05 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll

[2008-10-22 19:59:05 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iismui.dll

[2008-10-22 19:59:05 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll

[2008-10-22 19:59:04 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll

[2008-10-22 19:59:03 | 00,017,566 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini

[2008-10-22 19:59:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infoctrs.dll

[2008-10-22 19:59:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll

[2008-10-22 19:59:03 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\staxmem.dll

[2008-10-22 19:59:03 | 00,003,276 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.h

[2008-10-22 19:59:02 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll

[2008-10-22 19:59:02 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll

[2008-10-22 19:59:02 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe

[2008-10-22 19:59:02 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\convlog.exe

[2008-10-22 19:59:02 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll

[2008-10-22 19:59:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll

[2008-10-22 19:59:02 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\admxprox.dll

[2008-10-22 19:59:00 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll

[2008-10-22 19:58:59 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe

[2008-10-22 19:58:59 | 00,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll

[2008-10-22 19:58:59 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe

[2008-10-22 19:58:59 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe

[2008-10-22 19:58:59 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe

[2008-10-22 19:58:59 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

[2008-10-22 19:58:58 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstscax.dll

[2008-10-22 19:58:58 | 01,712,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll

[2008-10-22 19:58:58 | 01,712,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll

[2008-10-22 19:58:58 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe

[2008-10-22 19:58:58 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll

[2008-10-22 19:58:58 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe

[2008-10-22 19:58:58 | 00,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe

[2008-10-22 19:58:58 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpwd.sys

[2008-10-22 19:58:58 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll

[2008-10-22 19:58:58 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotepg.dll

[2008-10-22 19:58:58 | 00,053,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt.exe

[2008-10-22 19:58:58 | 00,053,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe

[2008-10-22 19:58:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauserv.dll

[2008-10-22 19:58:57 | 00,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll

[2008-10-22 19:58:57 | 00,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termsrv.dll

[2008-10-22 19:58:57 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll

[2008-10-22 19:58:57 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sessmgr.exe

[2008-10-22 19:58:57 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll

[2008-10-22 19:58:57 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe

[2008-10-22 19:58:57 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe

[2008-10-22 19:58:57 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe

[2008-10-22 19:58:57 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll

[2008-10-22 19:58:57 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll

[2008-10-22 19:58:57 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe

[2008-10-22 19:58:57 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll

[2008-10-22 19:58:56 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll

[2008-10-22 19:58:56 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll

[2008-10-22 19:58:55 | 00,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll

[2008-10-22 19:58:55 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll

[2008-10-22 19:58:55 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsiis.dll

[2008-10-22 19:58:55 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll

[2008-10-22 19:58:55 | 00,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll

[2008-10-22 19:58:54 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll

[2008-10-22 19:58:54 | 00,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll

[2008-10-22 19:58:54 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll

[2008-10-22 19:58:54 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssvc.exe

[2008-10-22 19:58:54 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll

[2008-10-22 19:58:54 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe

[2008-10-22 19:58:54 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe

[2008-10-22 19:58:54 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll

[2008-10-22 19:58:54 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll

[2008-10-22 19:58:54 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll

[2008-10-22 19:58:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll

[2008-10-22 19:58:52 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll

[2008-10-22 19:56:18 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspqm.sys

[2008-10-22 19:56:17 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mspclock.sys

[2008-10-22 19:56:16 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mskssrv.sys

[2008-10-22 19:56:15 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dmusic.sys

[2008-10-22 19:56:14 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\splitter.sys

[2008-10-22 19:55:58 | 00,058,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\redbook.sys

[2008-10-22 19:55:21 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax

[2008-10-22 19:55:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll

[2008-10-22 19:55:21 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys

[2008-10-22 19:55:20 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys

[2008-10-22 19:55:00 | 00,040,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\termdd.sys

[2008-10-22 19:54:59 | 00,196,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rdpdr.sys

[2008-10-22 19:54:41 | 00,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\audstub.sys

[2008-10-22 19:53:54 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv

[2008-10-22 19:53:54 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll

[2008-10-22 19:53:54 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll

[2008-10-22 19:53:54 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll

[2008-10-22 19:53:54 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll

[2008-10-22 19:53:54 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll

[2008-10-22 19:53:54 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irenum.sys

[2008-10-22 19:53:40 | 00,808,234 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2008-10-22 19:53:40 | 00,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT

[2008-10-22 19:53:40 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2008-10-22 19:53:40 | 00,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT

[2008-10-22 19:53:40 | 00,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT

[2008-10-22 19:53:40 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2008-10-22 19:53:40 | 00,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT

[2008-10-22 19:53:40 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2008-10-22 19:53:40 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2008-10-22 19:53:40 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2008-10-22 03:39:56 | 00,032,768 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System32\udaprop.dll

[2008-10-22 03:39:56 | 00,000,479 | ---- | C] () -- C:\WINDOWS\System\CmiCnfg.ini

[2008-10-22 03:39:54 | 01,458,176 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\SmWizard.exe

[2008-10-22 03:39:52 | 00,815,360 | ---- | C] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmuda.sys

[2008-10-22 03:39:51 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe

[2008-10-22 03:39:51 | 00,147,456 | ---- | C] (C-Media) -- C:\WINDOWS\System32\cmuda.dll

[2008-10-22 03:39:50 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll

[2008-10-22 03:39:49 | 00,917,504 | ---- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\System\cmids3d.dll

[2008-10-22 03:39:46 | 02,453,504 | ---- | C] (C-Media Corporation) -- C:\WINDOWS\System\cmicnfg.cpl

[2008-10-22 03:39:44 | 00,712,704 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll

[2008-10-22 03:20:54 | 00,000,430 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job

[2008-10-22 03:20:53 | 00,000,364 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job

[2008-10-22 03:20:48 | 00,000,411 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Skrivbord\RegCure.lnk

[2008-10-22 03:20:48 | 00,000,000 | ---D | C] -- C:\Program\RegCure

[2008-10-22 02:33:20 | 10,721,56672 | -HS- | C] () -- C:\hiberfil.sys

[2008-10-21 19:02:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\IIS Temporary Compressed Files

[2008-10-21 19:02:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Cache

[2008-10-21 19:02:09 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll

[2008-10-21 19:02:09 | 00,022,482 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini

[2008-10-21 19:02:09 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpctrs.dll

[2008-10-21 19:02:09 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll

[2008-10-21 19:02:09 | 00,008,002 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.h

[2008-10-21 19:02:09 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snprfdll.dll

[2008-10-21 19:02:09 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll

[2008-10-21 19:02:08 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll

[2008-10-21 19:02:08 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll

[2008-10-21 19:02:08 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll

[2008-10-21 19:02:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fcachdll.dll

[2008-10-21 19:02:08 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll

[2008-10-21 19:02:08 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll

[2008-10-21 19:02:08 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regtrace.exe

[2008-10-21 19:02:08 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe

[2008-10-21 19:02:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll

[2008-10-21 19:02:08 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsiisex.dll

[2008-10-21 19:02:08 | 00,001,059 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini

[2008-10-21 19:02:08 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.h

[2008-10-21 19:01:43 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll

[2008-10-21 19:01:43 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll

[2008-10-21 19:01:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll

[2008-10-21 19:01:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll

[2008-10-21 19:01:42 | 00,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib

[2008-10-21 19:01:42 | 00,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib

[2008-10-21 19:01:42 | 00,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib

[2008-10-21 19:01:42 | 00,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib

[2008-10-21 19:01:42 | 00,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib

[2008-10-21 19:01:42 | 00,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib

[2008-10-21 19:01:42 | 00,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib

[2008-10-21 19:01:42 | 00,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib

[2008-10-21 19:01:42 | 00,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib

[2008-10-21 19:01:42 | 00,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib

[2008-10-21 19:01:42 | 00,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib

[2008-10-21 19:01:42 | 00,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib

[2008-10-21 19:01:41 | 00,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib

[2008-10-21 19:01:41 | 00,020,079 | ---- | C] () -- C:\WINDOWS\System32\http.mib

[2008-10-21 19:01:41 | 00,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib

[2008-10-21 19:01:41 | 00,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib

[2008-10-21 19:01:41 | 00,006,179 | ---- | C] () -- C:\WINDOWS\System32\ftp.mib

[2008-10-21 19:01:41 | 00,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib

[2008-10-21 19:01:41 | 00,000,698 | ---- | C] () -- C:\WINDOWS\System32\inetsrv.mib

[2008-10-21 19:01:40 | 00,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib

[2008-10-21 19:00:03 | 00,000,000 | ---D | C] -- C:\Inetpub

[2008-10-21 17:46:28 | 00,000,372 | ---- | C] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Skrivbord\Genväg till Adamo.lnk

[2008-10-21 16:48:10 | 00,001,632 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat

[2008-10-21 15:59:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump

[2008-10-21 11:13:02 | 00,000,000 | ---D | C] -- C:\Program\Microsoft Common

[2008-10-21 08:19:57 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{DB0120A5-283F-4C63-9078-87A0BC934D77}

[2008-10-20 09:01:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll

[2008-10-20 09:01:45 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll

[2008-10-17 08:25:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI

[2008-10-17 08:25:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Application Data\Nikon

[2008-10-17 08:23:27 | 00,001,654 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Skrivbord\ViewNX.lnk

[2008-10-17 08:22:58 | 00,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Frameworks

[2008-10-17 08:22:58 | 00,000,268 | RH-- | C] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Application Data\Folder Actions Handlers

[2008-10-17 08:22:58 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdw.DAT

[2008-10-17 08:22:58 | 00,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grapher

[2008-10-17 08:22:12 | 00,001,759 | ---- | C] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Start-meny\Program\Autostart\Nikon Monitor.lnk

[2008-10-17 08:22:06 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\muvee Technologies

[2008-10-17 08:21:59 | 00,000,000 | ---D | C] -- C:\Program\Delade filer\Nikon

[2008-10-17 08:21:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nikon

[2008-10-17 08:21:55 | 00,000,000 | ---D | C] -- C:\Program\Nikon

[2008-10-17 08:21:28 | 00,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fonts

[2008-10-17 08:21:28 | 00,000,268 | RH-- | C] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Application Data\Flowers

[2008-10-17 08:21:28 | 00,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Galaxy Swirl

[2008-10-17 08:21:27 | 00,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdu.DAT

[2008-10-17 08:21:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ultima_T15

[2008-10-17 08:21:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EnterNHelp

[2008-10-16 07:43:22 | 00,037,376 | ---- | C] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Mina dokument\International Judging seminar preliminar document.doc

[2008-10-09 21:16:55 | 00,027,136 | ---- | C] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Mina dokument\Lunds Flygklubbs sista flygträff på Hasslanda.doc

[2008-09-27 08:47:21 | 00,003,532 | ---- | C] () -- C:\drmHeader.bin

[2008-09-26 06:00:00 | 00,025,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui

[2008-09-26 06:00:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

 

========== Files - Modified Within 30 Days ==========

 

[1 C:\*.tmp files]

[2 C:\WINDOWS\System32\*.tmp files]

[7 C:\WINDOWS\*.tmp files]

[2008-10-23 21:49:16 | 00,260,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck

[2008-10-23 21:49:16 | 00,260,976 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls

[2008-10-23 21:49:16 | 00,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck

[2008-10-23 21:49:16 | 00,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg

[2008-10-23 21:49:16 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck

[2008-10-23 21:49:16 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg

[2008-10-23 21:49:15 | 00,001,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck

[2008-10-23 21:49:15 | 00,001,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG

[2008-10-23 21:49:15 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck

[2008-10-23 21:49:15 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg

[2008-10-23 21:49:15 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck

[2008-10-23 21:49:15 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg

[2008-10-23 21:49:15 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\SmsFlt.cfg.bck

[2008-10-23 21:49:15 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\SmsFlt.cfg

[2008-10-23 21:48:52 | 00,000,956 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAV.alt.bck

[2008-10-23 21:48:52 | 00,000,956 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAV.alt

[2008-10-23 21:48:52 | 00,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck

[2008-10-23 21:48:52 | 00,000,068 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt

[2008-10-23 21:48:50 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2008-10-23 21:48:14 | 00,000,430 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job

[2008-10-23 21:48:01 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2008-10-23 21:48:00 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2008-10-23 21:47:59 | 10,721,56672 | -HS- | M] () -- C:\hiberfil.sys

[2008-10-23 08:47:27 | 01,111,790 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2008-10-23 08:47:27 | 00,461,164 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2008-10-23 08:47:27 | 00,457,038 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2008-10-23 08:47:27 | 00,095,798 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2008-10-23 08:47:27 | 00,081,800 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2008-10-22 23:37:39 | 00,280,740 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck

[2008-10-22 23:37:39 | 00,280,740 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT

[2008-10-22 23:36:42 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2008-10-22 23:33:30 | 00,120,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008-10-22 23:32:25 | 00,002,711 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2008-10-22 23:27:52 | 00,000,211 | RHS- | M] () -- C:\boot.ini

[2008-10-22 23:23:39 | 00,250,560 | RHS- | M] () -- C:\ntldr

[2008-10-22 23:23:39 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008-10-22 20:06:42 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2008-10-22 20:03:03 | 00,000,084 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start-meny\Program\Autostart\desktop.ini

[2008-10-22 20:03:02 | 00,000,800 | ---- | M] () -- C:\WINDOWS\win.ini

[2008-10-22 20:02:58 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml

[2008-10-22 20:02:57 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2008-10-22 20:02:57 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2008-10-22 20:02:56 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx

[2008-10-22 20:02:43 | 00,004,293 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2008-10-22 20:01:48 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2008-10-22 20:01:48 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2008-10-22 20:01:42 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2008-10-22 20:00:05 | 00,026,424 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008-10-22 19:59:29 | 00,000,510 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf

[2008-10-22 19:53:58 | 00,000,250 | ---- | M] () -- C:\WINDOWS\system.ini

[2008-10-22 19:53:41 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Dokument\desktop.ini

[2008-10-22 19:53:41 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini

[2008-10-22 07:35:22 | 00,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys

[2008-10-22 07:34:55 | 00,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat

[2008-10-22 04:07:46 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdw.DAT

[2008-10-22 04:07:26 | 00,718,029 | ---- | M] () -- C:\WINDOWS\setupapi.old

[2008-10-22 03:57:23 | 00,000,479 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini

[2008-10-22 03:39:57 | 00,000,092 | ---- | M] () -- C:\WINDOWS\CMISETUP.INI

[2008-10-22 03:39:57 | 00,000,026 | ---- | M] () -- C:\WINDOWS\CMCDPLAY.INI

[2008-10-22 03:20:54 | 00,000,364 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job

[2008-10-22 03:20:48 | 00,000,411 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Skrivbord\RegCure.lnk

[2008-10-21 17:46:28 | 00,000,372 | ---- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Skrivbord\Genväg till Adamo.lnk

[2008-10-21 17:05:08 | 00,001,678 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2008-10-20 09:57:30 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PKP_DLdu.DAT

[2008-10-20 08:31:39 | 00,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2008-10-17 08:25:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\ViewNX.INI

[2008-10-17 08:23:27 | 00,001,654 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Skrivbord\ViewNX.lnk

[2008-10-17 08:22:58 | 00,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Frameworks

[2008-10-17 08:22:58 | 00,000,268 | RH-- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Application Data\Folder Actions Handlers

[2008-10-17 08:22:58 | 00,000,012 | RH-- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grapher

[2008-10-17 08:22:12 | 00,001,759 | ---- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Start-meny\Program\Autostart\Nikon Monitor.lnk

[2008-10-17 08:21:28 | 00,000,268 | RH-- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fonts

[2008-10-17 08:21:28 | 00,000,268 | RH-- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Application Data\Flowers

[2008-10-17 08:21:28 | 00,000,012 | RH-- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Galaxy Swirl

[2008-10-17 08:21:21 | 00,106,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ATL71.DLL

[2008-10-16 07:43:22 | 00,037,376 | ---- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Mina dokument\International Judging seminar preliminar document.doc

[2008-10-13 08:54:55 | 00,062,976 | ---- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008-10-09 21:16:55 | 00,027,136 | ---- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Mina dokument\Lunds Flygklubbs sista flygträff på Hasslanda.doc

[2008-10-06 06:37:41 | 00,002,471 | ---- | M] () -- C:\Documents and Settings\Administratör.HUVUD-DATOR\Skrivbord\Microsoft Word (2).lnk

[2008-09-27 08:47:48 | 00,003,532 | ---- | M] () -- C:\drmHeader.bin

< End of report >

OTViewIt Extras logfile created on: 2008-10-23 21:49:54 - Run 3

OTViewIt by OldTimer - Version 1.0.18.0 Folder = C:\Servp2

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1022,42 Mb Total Physical Memory | 677,09 Mb Available Physical Memory | 66,22% Memory free

2,40 Gb Paging File | 2,18 Gb Available in Paging File | 90,93% Paging File free

Paging file location(s): c:\pagefile.sys 1536 3072;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 58,59 Gb Total Space | 9,78 Gb Free Space | 16,69% Space Free | Partition Type: NTFS

Drive D: | 17,73 Gb Total Space | 10,89 Gb Free Space | 61,41% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

Drive G: | 74,52 Gb Total Space | 55,60 Gb Free Space | 74,61% Space Free | Partition Type: NTFS

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: HUVUD-DATOR

Current User Name: Administratör

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Whitelist: Off

File Age = 30 Days

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify"=0

"FirewallDisableNotify"=0

"UpdatesDisableNotify"=0

"AntiVirusOverride"=0

"FirewallOverride"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

"DisableMonitoring"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

"DisableMonitoring"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile

"EnableFirewall"=0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[2008-04-14 21:35:20 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[2008-04-14 21:35:20 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[2008-04-13 20:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

 

========== (O10) Winsock2 Catalogs ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]

NameSpace_Catalog5\Catalog_Entries\000000000001 [bluetooth-namnområde] -- C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)

NameSpace_Catalog5\Catalog_Entries\000000000002 [NWLink IPX/SPX/NetBIOS Compatible Transport Protocol] -- C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

Protocol_Catalog9\Catalog_Entries\000000000001 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000002 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000003 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000004 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000005 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000006 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000007 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000008 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000009 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000010 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000011 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000012 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000013 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000014 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000015 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000016 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000017 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000018 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000019 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000020 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000021 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000022 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000023 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000024 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000025 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000026 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000027 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000028 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

Protocol_Catalog9\Catalog_Entries\000000000029 -- C:\Program\Panda Security\Panda Antivirus + Firewall 2008\PAVLSP.DLL (Panda Software International)

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== HKEY_USERS Protocol Defaults ==========

 

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols

shell -- shell protocol not assigned

 

========== (O18) Protocol Handlers ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2004-01-29 07:08:24 | 00,868,352 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Web Folders\PKMCDO.DLL (cdo:{CD00020A-8B95-11D1-82DB-00C04FB1625D} (HKLM) [Microsoft PKM KnowledgePluggable Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

ipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2004-01-29 07:08:24 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

msdaipp: [HKLM - No CLSID value]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2004-01-29 07:08:24 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers

[2004-01-29 07:08:24 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2005-09-23 05:28:18 | 00,866,304 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2000-04-19 18:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]

[2008-01-24 15:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR

"{0E0131B2-CF18-40D9-A331-60A3746C1204}"=EPSON Scan

"{350C941d-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP

"{3AFA16E8-8D53-11D8-B7F7-0050BAED7E94}"=DigiDoc

"{639159C2-B27B-4208-8965-D8A0AEDBDED2}"=Microsoft .NET Framework 2.0 SDK - ENU

"{68249B78-B714-11D7-88E8-0050DA21757E}"=Java 2 körtidsmiljö, Standardversionen v1.3.1_18

"{68A35043-C55A-4237-88C9-37EE1C63ED71}"=Microsoft Visual J# 2.0 Redistributable Package

"{6C11D561-620B-47DA-A693-4C597F3CDF40}"=EPSON Smart Panel

"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable

"{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com

"{7B63B2922B174135AFC0E1377DD81EC2}"=DivX Codec

"{87441A59-5E64-4096-A170-14EFE67200C3}"=Picture Control Utility

"{8ADFC4160D694100B5B8A22DE9DCABD9}"=DivX Player

"{9028041D-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional med FrontPage

"{92DF1607-ABCD-4511-8095-2436D94E952C}"=Microsoft DirectX SDK (March 2008)

"{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}"=EPSON Photo Print

"{94FB906A-CF42-4128-A509-D353026A607E}"=REALTEK Gigabit and Fast Ethernet NIC Driver

"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}"=RTLSetup for Realtek RTL8139/810x Family NIC 3.00

"{98032D6F-3EE6-4646-B68C-40BF012AC89B}"=Panda Antivirus + Firewall 2008

"{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9

"{B13A7C41581B411290FBC0395694E2A9}"=DivX Converter

"{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1

"{B69CC1A5-0404-11D6-ABCB-005004C21D30}"=EPSON Copy Utility

"{B7031148-C6E7-40F6-A978-EED2E77E7D1B}"=RAD Studio

"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}"=Nikon Message Center

"{E966F0CC-76B3-11D3-945B-00C04FB1760A}"=BDE_ENT

"{E9757890-7EC5-46C8-99AB-B00F07B6525C}"=Nikon Transfer

"{E9B5AFCA-3956-462F-BD05-13BC8BDF10D1}"=Rad Studio Help System

"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}"=ScanToWeb

"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}"=ViewNX

"{F1E93221-15DA-4841-817E-D528C8871CB6}"=Async Pro

"AC3Filter"=AC3Filter (remove only)

"Ad-Aware SE Plus"=Ad-Aware SE Plus

"Adobe AIR"=Adobe AIR

"Adobe Flash Player Plugin"=Adobe Flash Player Plugin

"Adobe Photoshop 6.0"=Adobe Photoshop 6.0

"Adobe SVG Viewer"=Adobe SVG Viewer

"C-Media Audio"=C-Media 3D Audio

"C-Media Audio Driver"=C-Media WDM Audio Driver

"DC++"=DC++ 0.707

"DECCHECK"=Microsoft Windows XP Video Decoder Checkup Utility

"GOM Player"=GOM Player

"HijackThis"=HijackThis 2.0.2

"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs

"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 SDK - ENU"=Microsoft .NET Framework 2.0 SDK - ENU

"Microsoft Visual J# 2.0 Redistributable Package"=Microsoft Visual J# 2.0 Redistributable Package

"Mozilla Firefox (3.0.1)"=Mozilla Firefox (3.0.1)

"MPEG2 Codec(libmpeg2/mad)"=MPEG2 Codec(libmpeg2/mad)

"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs

"NVIDIA Drivers"=NVIDIA Drivers

"Personal"=Personal 4.5.2

"QR5.0_is1"=QuickReport 5

"Rave Reports 7.5.1 BE_is1"=Rave Reports 7.5.1 BE

"RegCure"=RegCure 1.5.0.1

"Registry Mechanic_is1"=Registry Mechanic 7.0

"Samsung CLP-510 Series"=Samsung CLP-510 Series

"Unlocker"=Unlocker 1.8.7

"Winamp"=Winamp

"Windows Media Format Runtime"=Windows Media Format 11 runtime

"Windows Media Player"=Windows Media Player 11

"Windows XP Service Pack"=Windows XP Service Pack 3

"WMFDist11"=Windows Media Format 11 runtime

"wmp11"=Windows Media Player 11

"Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 2008-10-21 11:19:11 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:23:50 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:24:37 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:24:44 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:24:51 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:25:00 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:26:35 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:26:40 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:26:58 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

Error - 2008-10-21 11:27:55 | Computer Name = HUVUD-DATOR | Source = nview_info | ID = 11141121

Description =

 

[ System Events ]

Error - 2008-10-22 17:36:26 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 02:07:31 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 02:43:54 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 02:48:36 | Computer Name = HUVUD-DATOR | Source = DCOM | ID = 10010

Description = Servern {601AC3DC-786A-4EB0-BF40-EE3521E70BFB} registrerades inte

med DCOM inom erforderlig timeout.

 

Error - 2008-10-23 10:51:28 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 11:12:04 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 11:43:10 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 15:22:14 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 15:39:09 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

Error - 2008-10-23 15:48:39 | Computer Name = HUVUD-DATOR | Source = Service Control Manager | ID = 7023

Description = Tjänsten Portable Media Serial Number avbröts med följande fel: %%126

 

 

< End of report >

[/log]

Ilkka

 

Link to comment
Share on other sites

[2008-10-22 03:20:54 | 00,000,430 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job

[2008-10-22 03:20:53 | 00,000,364 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job

[2008-10-22 03:20:48 | 00,000,411 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Skrivbord\RegCure.lnk

[2008-10-22 03:20:48 | 00,000,000 | ---D | C] -- C:\Program\RegCure

RegCure är ett olämpligt program:

http://www.mywot.com/sv/scorecard/regcure.com

Avinstallera och ta bort ovanstående filer och mapp.

 

[2008-10-21 11:13:02 | 00,000,000 | ---D | C] -- C:\Program\Microsoft Common

Finns det fler filer kvar i den mappen?

 

Ladda ner Malwarebytes Anti-Malware (MBAM) från en av dessa länkar:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Dubbelklicka på mbam-setup.exe för att installera programmet.

 

[log]Bocka för:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Tryck på Finish

Om det finns någon uppdatering så kommer den att laddas ner och installeras.

 

När programmet startar så välj Perform Quick Scan och tryck på Scan.

Skanningen tar ett tag.

När den är klar så tryck på OK och sedan Show Results.

Bocka för allt och tryck sedan Remove Selected.

När borttagningen är klar så öppnar Anteckningar med en logg.

 

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.

Om programmet inte kommer igång efter omstarten så starta det.

 

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på Logs-fliken i MBAM.

Kopiera loggen och klistra in den i ditt svar.[/log]

 

Link to comment
Share on other sites

Hej !

Malwarebytes hittade lite mer än Panda ! men tog en rundlig tid på sig.

Efter körningen så funkade ikoner och startmeny m.m.

Det enda som inte gick var att få in Internet Explorer 7. Jag hade ju försökt med en ominstallation via cd:n så 6:an kom in igen. Men det lär väl kunna fixa sig.

Medsänder loggen !

 

[log]

Malwarebytes' Anti-Malware 1.30

Databasversion: 1311

Windows 5.1.2600 Service Pack 3

 

2008-10-24 09:37:44

mbam-log-2008-10-24 (09-37-44).txt

 

Skanningstyp: Fullständig skanning (C:\|)

Antal skannade objekt: 213803

Förfluten tid: 1 hour(s), 55 minute(s), 27 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 2

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 1

Infekterade filer: 2

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7545d8c8-f53c-4e2f-8fa0-d248ef4a6e61} (Rogue.Installer) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Explorer.exe (Security.Hijack) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

C:\Program\Microsoft Common (Trojan.Agent) -> Quarantined and deleted successfully.

 

Infekterade filer:

C:\DC_inmatad\XPKey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Program\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

[/log]

Tackar så mycket för hjälpen

Ilkka

 

Link to comment
Share on other sites

Att det tog tid berodde på att du valde fullständig i stället för snabb skanning som jag skrev. Panda är ett antivirusprogram till skillnad från MBAM så de upptäcker olika saker.

 

O4 - HKLM\..\Run: [sRFirstRun] rundll32 srclient.dll,CreateFirstRunRp

Är den raden borta nu ur en ny HijackThis-logg?

 

Link to comment
Share on other sites

Ja den är borta !

Det verkar som om Internet Explorer kommer upp 2 ggr där den första inte fungerar.

Har du något tips ? Kan jag ta bort Internet Explorer från disken och använda Firefox och via den installera Internet Explorer 7 ?

Ilkka

 

Link to comment
Share on other sites

Det verkar som om Internet Explorer kommer upp 2 ggr där den första inte fungerar.
När? Hur fungerar den inte?

 

Kan jag ta bort Internet Explorer från disken och använda Firefox och via den installera Internet Explorer 7 ?
Nej, det går inte att avinstallera IE6, men det finns väl några olika sätt att installera IE7. Har du gått till Windows Update och sett vad det finns för uppdateringar där?

 

Link to comment
Share on other sites

Jag har varit på updatesidan och tagit ner 7:an men det vill sig inte.

För övrigt så bör det väl gå att ta bort allt under Internet explorer och sedan installera 6:an från cd:n och därefter försöka få in 7:an.

Ilkka

 

Link to comment
Share on other sites

På vilket sätt fungerar inte installationen av IE7?

 

IE6 går inte att avinstallera, den är en del av XP. Man kan reparera IE6 genom att avinstallera SP3 och sedan ominstallera SP2.

 

Link to comment
Share on other sites

Hjärtligt tack !

Man kan säga vad man vill om Windows så jag säger fy faán.

Hej då ! (till nästa fel.)

Ilkka

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.×
×
  • Create New...