Home   News  Product reviews  Website reviews  Forums   Competitions  Subscribe 
Search
10 eco-friendly gadgets that won't cost the Earth
You are not logged in.
Login | New user registration 		Main Index | Search | Active Topics | Who's Online | FAQ / HELP

Security >> HijackThis logs help and analysis
Previous topic Previous   View all topics Index   Next topic Next   Threaded Mode Threaded  
 |  Print Topic
Jump to first unread post. Pages: 1
aestone
new user


Reg'd: Thu
Posts: 1
Constantly loading browser pages
      #393827 - Thu May 08 2008 09:14 PM
Reply to this post Reply   Reply to this post Quote  

Hi:

I am new to the forums and first wish to say hello to all. Now, I face the same problem that the other user faced. Internet Eplorer windows keep popping up, even when internet explorer is not running. Now, I did what you said and made those two files and here is main text:

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-05-08 13:06:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.
Performed disk cleanup.

System Drive C: has 9.54 GiB (less than 15%) free.


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-08 13:12:28
Platform: Windows 2003 Service Pack 2 (5.02.3790)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ccs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\scardsvr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\CA\SharedComponents\Alert\alert.exe
C:\WINDOWS\system32\alg.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\system32\ServerAppliance\appmgr.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
C:\Program Files\CA\BrightStor ARCserve Backup\jobeng.exe
C:\Program Files\CA\BrightStor ARCserve Backup\msgeng.exe
C:\Program Files\CA\BrightStor ARCserve Backup\CASMRTBK.EXE
C:\Program Files\CA\BrightStor ARCserve Backup\caserved.exe
C:\Program Files\CA\BrightStor ARCserve Backup\tapeeng.exe
C:\Program Files\CA\BrightStor ARCserve Backup\cadiscovd.exe
C:\Program Files\CA\BrightStor ARCserve Backup\Catirpc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CA\BrightStor ARCserve Backup\caloggerd.exe
C:\Program Files\FDD + FMD Combo Reader\Czfmdser.exe
C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
C:\WINDOWS\system32\dfssvc.exe
C:\WINDOWS\system32\dns.exe
C:\WINDOWS\system32\ServerAppliance\elementmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\g7ddcoms.exe
C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
C:\Program Files\CA\BrightStor ARCserve Backup\caauthd.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\CA\BrightStor ARCserve Backup\LQserver.exe
C:\WINDOWS\system32\ismserv.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\Program Files\CA\BrightStor ARCserve Backup\Mediasvr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ntfrs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\dbasqlr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\Program Files\Common Files\Microsoft Shared\web server extensions\60\BIN\OWSTIMER.EXE
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ServerAppliance\srvcsurg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wins.exe
C:\WINDOWS\system32\windows media\server\wmserver.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dfsr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\mqdssvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\BrightStor ARCserve Backup\ASAlert.exe
C:\WINDOWS\system32\locator.exe
C:\Program Files\CA\BrightStor ARCserve Backup\LDBserver.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Cisco Aironet\ADU.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\FDD + FMD Combo Reader\CZFMDxpk.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\VersaJette M400-V08\g7ddmon.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe
C:\Documents and Settings\Administrator\lsass.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Svconr\Svconr.exe
C:\Program Files\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\VCOM\PowerDesk\pddlghlp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpmup081.bin
C:\WINDOWS\system32\cidaemon.exe
H:\Download\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: LNHelper.BarHelper - {05A34600-8920-479b-92A9-68FACF7BB8FA} - mscoree.dll (file missing)
O2 - BHO: (no name) - {6099E475-049B-4239-BE88-2910A49F9F6A} - C:\WINDOWS\system32\opnnnnMf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {D2376FB3-3D0D-414D-83AA-3AD6AD6B111F} - C:\WINDOWS\system32\ljJDSIcC.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: LexisNexis Toolbar - {86BE1CDA-4F72-4c2f-9526-8E6A22DF46ED} - mscoree.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ADU] "C:\Program Files\Cisco Aironet\adu.exe" -nogui
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CZFMDXPK] C:\PROGRA~1\FDD_FM~1\CZFMDXPK.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ScanSoft OmniPage 16-reminder] "C:\Program Files\ScanSoft\OmniPage16\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\OmniPage 16\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [g7ddmon.exe] "C:\Program Files\VersaJette M400-V08\g7ddmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\VersaJette Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [PdxRegCl] "C:\Program Files\Paradox\Programs\PdxRegCl.exe" /s /c
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Matrox PowerDesk SE] "C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Administrator\lsass.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe"
O4 - HKCU\..\Run: [OpAgent] "OpAgent.exe" /agent
O4 - HKCU\..\Run: [JavaCore] C:\Program Files\\JavaCore\\JavaCore.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Svconr] C:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Dialog Helper.lnk = C:\Program Files\VCOM\PowerDesk\pddlghlp.exe
O4 - Global Startup: APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O15 - Trusted Zone: https://turbotax.com (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\Software\..\Telephony: DomainName = stone-and-stone.com
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{B011C667-DEE8-47C3-BB7C-8CB79E05A8A2}: NameServer = 24.92.226.11,24.92.226.12
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{ED90DC01-B2D0-48A0-9353-E41A7AE38AEC}: NameServer = 24.92.226.11,24.92.226.12
O17 - HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: Domain = stone-and-stone.com
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: Domain = stone-and-stone.com
O18 - Protocol: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: ljJDSIcC - C:\WINDOWS\system32\ljJDSIcC.dll (file missing)
O23 - Service: Alert Notification Server - Computer Associates International, Inc. - C:\Program Files\CA\SharedComponents\Alert\alert.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
O23 - Service: CA BrightStor Database Engine (CASDBEngine) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\DBENG.exe
O23 - Service: CA BrightStor Discovery Service (CASDiscoverySvc) - CA - C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
O23 - Service: CA BrightStor Job Engine (CASJobEngine) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\jobeng.exe
O23 - Service: CA BrightStor Message Engine (CASMsgEngine) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\msgeng.exe
O23 - Service: CA BrightStor Service Controller (CASSvcControlSvr) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\caserved.exe
O23 - Service: CA BrightStor Tape Engine (CASTapeEngine) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\tapeeng.exe
O23 - Service: CA BrightStor Domain Server (CASUnivDomainSvr) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\cadiscovd.exe
O23 - Service: CA Remote Procedure Call Server (CATIRPC) - CA - C:\Program Files\CA\BrightStor ARCserve Backup\Catirpc.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\\lic98rmt.exe
O23 - Service: Cisco Configuration Service (CCS) - Unknown owner - C:\WINDOWS\system32\ccs.exe
O23 - Service: CZFMDSER.EXE - Unknown owner - C:\Program Files\FDD + FMD Combo Reader\Czfmdser.exe
O23 - Service: CA BrightStor Backup Agent RPC Server (DbaRpcService) - CA - C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: g7dd_device - Unknown owner - C:\WINDOWS\system32\g7ddcoms.exe
O23 - Service: iTechnology iGateway 4.0 (iGateway) - Computer Associates International, Inc. - C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Matrox Centering Service - Matrox Graphics Inc. - C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe
O23 - Service: Matrox.Pdesk.ServicesHost - Unknown owner - C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: CA BrightStor Backup Agent Remote Service (RemoteDbagent) - CA - C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\dbasqlr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe


--
End of file - 18988 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/COLOR]
.ini - inifile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1[/COLOR]
.js - jsfile - DefaultIcon - C:\Corel\Suite8\Programs\CCWin\Cscape.exe ,1[/COLOR]
.js - jsfile - shell\open\command - C:\Corel\Suite8\Programs\CCWin\Cscape.exe[/COLOR]
.txt - txtfile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1[/COLOR]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 modemm - c:\windows\system32\drivers\modemm.sys
R1 Mtxparmx - c:\windows\system32\drivers\mtxparmx.sys <Not Verified; Matrox Graphics Inc.; Matrox Miniport Extension Kernel Driver>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 CSCO21P (Cisco Protocol (IEEE 802.1x) v2.3.1.8) - c:\windows\system32\drivers\csco21p.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
R3 MTXPAR - c:\windows\system32\drivers\mtxparm.sys <Not Verified; Matrox Graphics Inc.; Matrox Parhelia Miniport Driver>
R3 NCHSSVAD (SoundTap Recorder) - c:\windows\system32\drivers\nchssvad.sys <Not Verified; NCH Swift Sound; NCH Swift Sound Virtual Audio Device>

S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Alert Notification Server - "c:\program files\ca\sharedcomponents\alert\alert.exe" <Not Verified; Computer Associates International, Inc.; Alert Service>
R2 CASDiscoverySvc (CA BrightStor Discovery Service) - "c:\program files\ca\sharedcomponents\brightstor\cads\casdscsvc.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CASJobEngine (CA BrightStor Job Engine) - "c:\program files\ca\brightstor arcserve backup\jobeng.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CASMsgEngine (CA BrightStor Message Engine) - "c:\program files\ca\brightstor arcserve backup\msgeng.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CASSvcControlSvr (CA BrightStor Service Controller) - "c:\program files\ca\brightstor arcserve backup\caserved.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CASTapeEngine (CA BrightStor Tape Engine) - "c:\program files\ca\brightstor arcserve backup\tapeeng.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CASUnivDomainSvr (CA BrightStor Domain Server) - "c:\program files\ca\brightstor arcserve backup\cadiscovd.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CATIRPC (CA Remote Procedure Call Server) - "c:\program files\ca\brightstor arcserve backup\catirpc.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 CCS (Cisco Configuration Service) - c:\windows\system32\ccs.exe
R2 CZFMDSER.EXE - "c:\progra~1\fdd_fm~1\czfmdser.exe"
R2 DbaRpcService (CA BrightStor Backup Agent RPC Server) - "c:\program files\ca\sharedcomponents\brightstor\dbacommon\dbasvr.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R2 iGateway (iTechnology iGateway 4.0) - "c:\program files\ca\sharedcomponents\itechnology\igateway.exe" <Not Verified; Computer Associates International, Inc.; iTechnology iGateway>
R2 LogWatch (Event Log Watch) - "c:\program files\ca\sharedcomponents\ca_lic\logwatnt.exe" <Not Verified; Computer Associates; Computer Associates LogWatNT>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
R2 RemoteDbagent (CA BrightStor Backup Agent Remote Service) - "c:\program files\ca\sharedcomponents\brightstor\dbacommon\dbasqlr.exe" <Not Verified; CA; BrightStor ARCserve Backup>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
R3 ServiceLayer - "c:\program files\common files\pcsuite\services\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

S2 CASDBEngine (CA BrightStor Database Engine) - "c:\program files\ca\brightstor arcserve backup\dbeng.exe" <Not Verified; CA; BrightStor ARCserve Backup>
S3 CA_LIC_CLNT (CA License Client) - "c:\program files\ca\sharedcomponents\ca_lic\\lic98rmt.exe" <Not Verified; Computer Associates International Inc.; Lic98>
S3 SrmReports (File Server Storage Reports Manager) - c:\windows\system32\srmhost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Aironet 802.11a/b/g Wireless Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_CC2114B9&REV_01\5&FF66674&0&08F810
Manufacturer: Cisco
Name: Cisco Aironet 802.11a/b/g Wireless Adapter
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_CC2114B9&REV_01\5&FF66674&0&08F810
Service: CSCO21

Class GUID: {36FC9E60-C465-11CF-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_55AA&PID_B012\9A0D905641
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_55AA&PID_B012\9A0D905641
Service: USBSTOR

Class GUID: {4D36E980-E325-11CE-BFC1-08002BE10318}
Description: USB FloppyDisk Drive
Device ID: USBSTOR\SFLOPPY&VEN_CITIZEN&PROD_X1DE-USB&REV_1002\8&13F131FE&0
Manufacturer: (Standard floppy disk drives)
Name: CITIZEN X1DE-USB USB Device
PNP Device ID: USBSTOR\SFLOPPY&VEN_CITIZEN&PROD_X1DE-USB&REV_1002\8&13F131FE&0
Service: sfloppy

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&2A083901&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&2A083901&0
Service: i8042prt

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&2A083901&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&2A083901&0
Service: i8042prt

Class GUID:
Description:
Device ID: ROOT\LEGACY_MSISERVER\0000
Manufacturer:
Name:
PNP Device ID: ROOT\LEGACY_MSISERVER\0000
Service:


-- Files created between 2008-04-08 and 2008-05-08 -----------------------------

2008-05-07 10:41:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Simple Star
2008-05-07 10:31:33 335872 --a------ C:\WINDOWS\Nero PhotoShow.scr <Not Verified; Nero AG / Nero Inc.; Nero PhotoShow Screen Saver>
2008-05-07 10:11:21 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-05-07 10:11:21 38912 --a------ C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-05-07 09:54:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Simple Star Shared
2008-05-07 09:54:23 0 d-------- C:\Program Files\Common Files\Simple Star Shared
2008-05-07 09:52:28 0 d-------- C:\Documents and Settings\Administrator\Application Data\Simple Star
2008-05-07 08:24:48 2112 --a------ C:\WINDOWS\system32\dotgvivp.exe
2008-05-07 08:12:47 425472 --ahs---- C:\WINDOWS\system32\fMnnnnpo.ini2
2008-05-07 07:06:51 0 d-------- C:\Program Files\Kaspersky Lab
2008-05-07 07:06:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-07 07:04:47 326944 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-05-07 07:04:47 18583072 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-05-07 07:02:15 0 d-------- C:\kav
2008-05-04 08:37:23 0 d-------- C:\Windows XP Pro SP3 VL MSDN
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\UC.PIF
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\RAR.PIF
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\PKZIP.PIF
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\PKUNZIP.PIF
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\NOCLOSE.PIF
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\LHA.PIF
2008-05-01 18:30:16 545 -----n--- C:\WINDOWS\ARJ.PIF
2008-05-01 18:30:16 0 d-------- C:\totalcmd
2008-05-01 13:12:41 515245 --ahs---- C:\WINDOWS\system32\rCehQqss.ini2
2008-04-30 23:13:01 0 d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-04-30 23:13:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\NCH Software
2008-04-30 23:11:58 0 d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-04-30 23:11:35 26112 --a------ C:\WINDOWS\system32\drivers\nchssvad.sys <Not Verified; NCH Swift Sound; NCH Swift Sound Virtual Audio Device>
2008-04-30 23:11:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\NCH Swift Sound
2008-04-30 23:11:34 0 d-------- C:\Program Files\NCH Swift Sound
2008-04-30 23:10:46 0 d-------- C:\Program Files\NCH Software
2008-04-30 10:28:01 542694 --ahs---- C:\WINDOWS\system32\ghRBJRqr.ini2
2008-04-29 10:34:05 0 d-------- C:\Documents and Settings\Administrator\sgzcache
2008-04-28 19:20:06 0 d-------- C:\total commander 7.03
2008-04-28 18:14:42 77 -----n--- C:\Documents and Settings\Administrator\3517.bat
2008-04-28 18:14:42 297 -----n--- C:\134.bat
2008-04-28 17:52:36 77 -----n--- C:\Documents and Settings\Administrator\1155.bat
2008-04-28 17:52:36 297 -----n--- C:\467.bat
2008-04-28 17:52:33 27136 -----n--- C:\svchost.exe
2008-04-28 17:52:33 27136 -----n--- C:\Documents and Settings\Administrator\services.exe
2008-04-28 16:14:50 0 d-------- C:\Program Files\Svconr
2008-04-28 16:13:39 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>
2008-04-28 16:13:37 0 -----n--- C:\WINDOWS\b.exe
2008-04-28 16:10:34 85504 ---hs---- C:\Documents and Settings\Administrator\lsass.exe
2008-04-28 16:10:30 86144 --a------ C:\WINDOWS\system32\drivers\modemm.sys
2008-04-28 16:10:24 0 d-------- C:\WINDOWS\system32\wTMP
2008-04-28 16:10:24 0 d-------- C:\WINDOWS\system32\n3
2008-04-28 16:10:24 0 d-------- C:\WINDOWS\system32\b1
2008-04-28 16:10:22 0 d-------- C:\WINDOWS\system32\pnVes18
2008-04-25 22:35:47 0 d-------- C:\Documents and Settings\Administrator\Shared
2008-04-25 20:14:26 0 d-------- C:\Documents and Settings\Administrator\Application Data\Simply Super Software
2008-04-25 17:11:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Matrox
2008-04-25 17:11:30 0 d-------- C:\Program Files\Matrox Graphics Inc
2008-04-25 17:11:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Matrox Graphics Inc
2008-04-25 17:10:41 0 d-------- C:\WINDOWS\system32\PowerDesk8
2008-04-25 17:10:40 2005120 --a------ C:\WINDOWS\system32\MTXPARD.dll <Not Verified; Matrox Graphics Inc.; Matrox Parhelia Display Driver>
2008-04-25 17:10:40 5504 --a------ C:\WINDOWS\system32\drivers\mtxparmx.sys <Not Verified; Matrox Graphics Inc.; Matrox Miniport Extension Kernel Driver>
2008-04-25 17:10:40 1485440 --a------ C:\WINDOWS\system32\drivers\MTXPARM.sys <Not Verified; Matrox Graphics Inc.; Matrox Parhelia Miniport Driver>
2008-04-25 17:10:37 5410816 --a------ C:\WINDOWS\system32\MTXOGL.dll <Not Verified; Matrox Graphics, Inc.; Matrox Graphics, Inc. MTXOGL>
2008-04-25 17:10:36 761856 --a------ C:\WINDOWS\system32\MtxEscape.dll <Not Verified; ; MtxEscape Dynamic Link Library>
2008-04-25 17:10:35 139264 --a------ C:\WINDOWS\system32\MtxCIP.dll <Not Verified; Matrox Graphics Inc.; Co-Installer Proxy Dynamic Link Library>
2008-04-25 17:09:59 0 d-------- C:\MGAFOLD
2008-04-24 16:57:28 24576 --a------ C:\WINDOWS\system32\mll_arc.dll <Not Verified; CA; BrightStor ARCserve Backup>
2008-04-22 10:02:05 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nero
2008-04-22 09:54:28 0 d-------- C:\Program Files\Nero
2008-04-22 09:54:28 0 d-------- C:\Program Files\Common Files\Nero
2008-04-22 09:54:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-04-22 09:51:52 0 d-------- C:\WINDOWS\system32\DirectX
2008-04-21 07:16:59 2860 -----n--- C:\Documents and Settings\Administrator\Application Data\BrightStorMgr.dat
2008-04-21 06:59:37 0 d-------- C:\Program Files\CA
2008-04-20 17:58:05 0 d-------- C:\Program Files\Common Files\?ymbols
2008-04-20 14:01:29 1541089 --ahs---- C:\WINDOWS\system32\oftblqwa.ini2
2008-04-20 13:36:42 0 d-------- C:\Program Files\Spyware Doctor
2008-04-20 13:36:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\PC Tools
2008-04-19 19:59:10 0 d-------- C:\Documents and Settings\Default User\Application Data\Mozilla
2008-04-19 19:56:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intuit
2008-04-19 18:45:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Redirected
2008-04-19 18:35:21 410300 --ahs---- C:\WINDOWS\system32\dLkQqBeg.ini2
2008-04-19 17:24:45 0 d-------- C:\Program Files\?ssembly
2008-04-19 12:08:38 0 d-------- C:\WINDOWS\adam
2008-04-19 12:08:13 0 d-------- C:\WINDOWS\adfs
2008-04-19 12:07:50 0 d-------- C:\Program Files\cmak
2008-04-19 12:01:14 0 d-------- C:\WINDOWS\ServicePackFiles
2008-04-19 11:48:43 0 d-a------ C:\WINDOWS\PolicyBackup
2008-04-19 10:07:54 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-19 08:51:27 0 d-------- C:\Program Files\KLMSoft
2008-04-19 08:50:51 2619915 -----n--- C:\BEsetup.exe <Not Verified; KLMsoft; >
2008-04-17 21:06:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-04-17 21:05:17 0 d-------- C:\WINDOWS\system32\Macromed
2008-04-17 21:05:17 1619 -----n--- C:\WINDOWS\mozver.dat
2008-04-17 20:32:37 0 d-------- C:\Program Files\Common Files\Nokia
2008-04-17 20:30:26 0 d-------- C:\Program Files\Common Files\PCSuite
2008-04-17 19:55:45 0 d-------- C:\Program Files\Common Files\L&H
2008-04-17 19:54:14 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-04-17 19:51:52 0 d-------- C:\Program Files\Microsoft Works
2008-04-17 14:49:38 273408 -----n--- C:\WINDOWS\b148.exe
2008-04-17 09:15:15 0 d-------- C:\Documents and Settings\Administrator\Application Data\ScanSoft
2008-04-17 08:33:46 0 d-------- C:\Program Files\Common Files\Brother
2008-04-17 08:33:25 0 d-------- C:\Program Files\Brother
2008-04-16 22:22:44 0 d-------- C:\Documents and Settings\Administrator\Application Data\Datalayer
2008-04-16 22:22:42 0 d-------- C:\Documents and Settings\Administrator\Phone Browser
2008-04-16 20:22:22 0 d-------- C:\Documents and Settings\Administrator\Incomplete
2008-04-16 20:22:14 0 d-------- C:\Documents and Settings\Administrator\Application Data\FrostWire
2008-04-16 20:18:20 0 d-------- C:\Documents and Settings\Administrator\Application Data\Help
2008-04-16 20:09:33 0 d-------- C:\Program Files\FrostWire
2008-04-16 19:41:21 0 -----n--- C:\WINDOWS\nsreg.dat
2008-04-16 19:41:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-04-16 16:33:01 0 d-------- C:\Documents and Settings\Default User\Application Data\NetMon
2008-04-16 16:33:00 0 d--hs---- C:\WINDOWS\QWxsZW4gRS4gU3RvbmUsIEpyLg
2008-04-16 16:28:04 0 d-------- C:\WINDOWS\krmf
2008-04-16 16:28:04 0 d-------- C:\Program Files\Common Files\krmf
2008-04-16 16:23:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\S?mantec
2008-04-16 16:22:52 0 d-------- C:\WINDOWS\s?curity
2008-04-16 16:17:35 0 d-------- C:\Program Files\Inet_Get_2
2008-04-16 16:12:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\SpeedRunner
2008-04-16 16:07:32 0 d-------- C:\Program Files\JavaCore
2008-04-16 15:57:27 0 d-------- C:\Program Files\CPV
2008-04-16 11:58:47 0 d-------- C:\WINDOWS\Sun
2008-04-16 10:02:36 1160 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-04-16 10:01:04 32768 --a------ C:\WINDOWS\system32\XLLDFRequest2.dll <Not Verified; KMT Software, Inc.; LLDataRequest>
2008-04-16 10:01:04 36864 --a------ C:\WINDOWS\system32\LLInstances2.dll <Not Verified; KMT Software, Inc.; LLInstances>
2008-04-16 10:01:04 77824 --a------ C:\WINDOWS\system32\LLClientMiddleWare2.dll <Not Verified; KMT Software, Inc.; LLClientMiddleWare>
2008-04-16 10:01:04 32768 --a------ C:\WINDOWS\system32\LLClasses2.dll <Not Verified; KMT Software, Inc.; LLClasses>
2008-04-16 10:01:01 40448 --a------ C:\WINDOWS\system32\regobj.dll
2008-04-16 10:00:59 0 d-------- C:\Program Files\WordPerfect OfficeReady 1.5
2008-04-16 09:54:25 0 d-------- C:\Program Files\WordPerfect Office X3
2008-04-16 09:46:50 0 d-------- C:\Program Files\Common Files\Corel
2008-04-16 09:46:50 0 d-------- C:\Program Files\Common Files\Borland Shared
2008-04-16 09:46:49 0 d-------- C:\Program Files\Paradox
2008-04-16 09:43:52 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-16 08:51:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
2008-04-16 08:50:30 0 d-------- C:\Program Files\Innovative Solutions
2008-04-16 06:29:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-16 03:11:11 0 d-------- C:\Program Files\MSXML 6.0
2008-04-16 03:00:54 0 d-------- C:\Program Files\MSXML 4.0
2008-04-15 20:50:08 0 d-------- C:\Documents and Settings\Administrator\Application Data\Corel
2008-04-15 19:51:05 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-15 19:40:35 0 d-------- C:\Program Files\Windows Desktop Search
2008-04-15 19:39:08 0 d--h----- C:\WINDOWS\$hf_mig$
2008-04-15 17:51:00 0 d-------- C:\WINDOWS\system32\appmgmt
2008-04-15 17:45:52 0 d-------- C:\Program Files\Yahoo!
2008-04-15 17:44:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-04-15 17:44:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Borland
2008-04-15 16:08:11 15872 --a------ C:\WINDOWS\system32\rsxunins.exe <Not Verified; Intel Corporation; Realistic 3D Sound Experience (RSX 3D)>
2008-04-15 16:08:11 66048 --a------ C:\WINDOWS\system32\rsxtool.exe <Not Verified; Intel Corporation; Realistic 3D Sound Experience (RSX 3D)>
2008-04-15 16:08:08 563712 --a------ C:\WINDOWS\system32\vdk32116.dll <Not Verified; Voxware, Inc.; RealTime Codec>
2008-04-15 16:08:08 69632 --a------ C:\WINDOWS\system32\sx83p32.dll
2008-04-15 16:08:08 389120 --a------ C:\WINDOWS\system32\Rwl21.dll <Not Verified; Criterion Software Ltd.; RenderWare>
2008-04-15 16:08:08 621056 --a------ C:\WINDOWS\system32\Rwdlmb21.dll <Not Verified; Criterion Software Ltd.; RenderWare>
2008-04-15 16:08:08 558080 --a------ C:\WINDOWS\system32\Rwdl8b21.dll <Not Verified; Criterion Software Ltd.; RenderWare>
2008-04-15 16:08:07 576000 --a------ C:\WINDOWS\system32\Rwdl6b21.dll <Not Verified; Criterion Software Ltd.; RenderWare>
2008-04-15 16:08:07 115200 --a------ C:\WINDOWS\system32\rsxdata.dll <Not Verified; Intel Corporation; Realistic 3D Sound Experience (RSX 3D)>
2008-04-15 16:08:07 158720 --a------ C:\WINDOWS\system32\rsx.dll <Not Verified; Intel Corporation; Realistic 3D Sound Experience (RSX 3D)>
2008-04-15 16:08:06 22528 --a------ C:\WINDOWS\system32\nsmlaw32.dll <Not Verified; Netscape Communications; G.711 u-law Codec>
2008-04-15 16:08:06 264192 --a------ C:\WINDOWS\system32\npacrx.dll <Not Verified; Lucent Technologies; Music Decoder Library AX24000P>
2008-04-15 16:08:06 76800 --a------ C:\WINDOWS\system32\mcilma32.dll <Not Verified; Netscape Communications; LA file format player>
2008-04-15 16:08:06 37856 --a------ C:\WINDOWS\system32\mcilma.dll <Not Verified; Netscape Communications; LA file format player>
2008-04-15 16:08:05 131584 --a------ C:\WINDOWS\system32\mcilau32.dll <Not Verified; Netscape; Netscape Media Player / Audio Streaming Client>
2008-04-15 16:08:05 95296 --a------ C:\WINDOWS\system32\mcilau.dll <Not Verified; Netscape; Netscape Media Player / Audio Streaming Client>
2008-04-15 16:08:05 71168 --a------ C:\WINDOWS\system32\lmactl32.dll <Not Verified; Netscape Communications; GUI for Netscape Media Player>
2008-04-15 16:08:05 67936 --a------ C:\WINDOWS\system32\isprsht.dll <Not Verified; InSoft, Inc.; PropertySheet16>
2008-04-15 16:08:03 11776 --a------ C:\WINDOWS\system32\aaudio.dll <Not Verified; Intel Corporation; Realistic 3D Sound Experience (RSX 3D)>
2008-04-15 16:07:58 0 d-------- C:\Font Navigator
2008-04-15 16:06:49 68096 --a------ C:\WINDOWS\system32\QPAUTO8.DLL <Not Verified; Corel Corporation Limited; PerfectFit 32-Bit>
2008-04-15 16:06:30 123904 --a------ C:\WINDOWS\system32\NCSPI8EN.DLL <Not Verified; Nexal Corporation; Corel Suite 8>
2008-04-15 16:06:29 809744 --a------ C:\WINDOWS\system32\wmsui32.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-04-15 16:06:29 286208 --a------ C:\WINDOWS\system32\NCSPI832.DLL <Not Verified; Nexal Corporation; Corel Suite 8>
2008-04-15 16:06:29 635152 --a------ C:\WINDOWS\system32\mapi32x.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-04-15 16:06:28 803680 --a------ C:\WINDOWS\system32\AXDIST.EXE <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-04-15 16:06:27 721168 --a------ C:\WINDOWS\system32\VB40032.DLL <Not Verified; Microsoft Corporation; Visual Basic 4.0>
2008-04-15 16:06:24 90112 --a------ C:\WINDOWS\system32\Evysh7en.dll <Not Verified; Novell, Inc.; Envoy 7 For Windows 95>
2008-04-15 16:06:24 310544 --a------ C:\WINDOWS\system32\COMCTLNT.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-04-15 16:06:24 379152 --a------ C:\WINDOWS\system32\COMCTL95.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-04-15 16:06:23 960512 --a------ C:\WINDOWS\system32\EVYSH7.DLL <Not Verified; Novell, Inc.; Envoy 7 For Windows 95>
2008-04-15 16:06:15 9216 --a------ C:\WINDOWS\system32\Barmven.exe <Not Verified; Corel Corporation Limited; Rename function for Corel Barista driver>
2008-04-15 16:06:15 11296 --a------ C:\WINDOWS\system32\Baren.DLL <Not Verified; Corel Corporation Limited; Corel Barista for Windows 95>
2008-04-15 16:06:10 20992 --a------ C:\WINDOWS\system32\PFMAPI32.DLL <Not Verified; ; PFMAPI32>
2008-04-15 16:06:10 22480 --a------ C:\WINDOWS\system32\PFMAPI16.DLL
2008-04-15 16:06:06 64000 --a------ C:\WINDOWS\system32\PFAUTO8.DLL <Not Verified; Corel Corporation Limited; PerfectFit 32-Bit>
2008-04-15 16:06:00 7680 --a------ C:\WINDOWS\system32\SHLWP8EN.DLL <Not Verified; Corel Corporation Limited; WordPerfect Shell Extensions>
2008-04-15 16:06:00 125952 --a------ C:\WINDOWS\system32\SHELLWP.DLL <Not Verified; Corel Corporation Limited; WordPerfect Shell Extensions>
2008-04-15 16:05:54 68096 --a------ C:\WINDOWS\system32\PRAUTO8.DLL <Not Verified; Corel Corporation Limited; PerfectFit 32-Bit>
2008-04-15 16:05:47 72192 --a------ C:\WINDOWS\system32\WPAUTO8.DLL <Not Verified; Corel Corporation Limited; PerfectFit 32-Bit>
2008-04-15 16:05:40 0 d--h----- C:\WINDOWS\ShellNew
2008-04-15 16:05:30 0 d-------- C:\MyFiles
2008-04-15 15:39:27 0 d-------- C:\Program Files\gs
2008-04-15 15:25:17 0 d-------- C:\Documents and Settings\Administrator\Application Data\VersaJetteFax
2008-04-15 15:23:55 0 d-------- C:\logs
2008-04-15 15:21:33 692224 --a------ C:\WINDOWS\system32\g7dddrs.dll
2008-04-15 15:21:33 69632 --a------ C:\WINDOWS\system32\g7ddcnv4.dll
2008-04-15 15:21:33 65536 --a------ C:\WINDOWS\system32\g7ddcaps.dll
2008-04-15 15:21:10 98345 --a------ C:\WINDOWS\system32\IMHOST32.DLL <Not Verified; Data Techniques, Inc.; ImageMan Image Processing Toolkit>
2008-04-15 15:21:10 339968 --a------ C:\WINDOWS\system32\IMGMAN32.DLL <Not Verified; Data Techniques, Inc.; ImageMan Image Processing Toolkit>
2008-04-15 15:21:10 45056 --a------ C:\WINDOWS\system32\g7F3PMON.DLL
2008-04-15 15:21:10 36864 --a------ C:\WINDOWS\system32\g7f3oem.dll <Not Verified; ; VersaJette Fax Solutions Software>
2008-04-15 15:21:10 32768 --a------ C:\WINDOWS\system32\g7F3FXPU.DLL
2008-04-15 15:21:04 0 d-------- C:\Documents and Settings\All Users\Application Data\VersaJetteFax
2008-04-15 15:20:44 0 d-------- C:\Program Files\VersaJette Fax Solutions
2008-04-15 15:20:02 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-04-15 15:19:45 0 d-------- C:\Program Files\VersaJette M400-V08
2008-04-15 15:19:32 286720 --a------ C:\WINDOWS\system32\G7DDinst.dll
2008-04-15 15:19:32 323584 --a------ C:\WINDOWS\system32\G7DDhcp.dll <Not Verified; ; Printer Communication System>
2008-04-15 15:18:08 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nokia
2008-04-15 15:02:47 0 d-------- C:\Program Files\PowerISO
2008-04-15 14:28:05 0 d-------- C:\Program Files\Common Files\i4j_jres
2008-04-15 14:27:58 0 d-------- C:\Program Files\SimpleCenter
2008-04-15 14:23:24 0 d-------- C:\Program Files\DIFX
2008-04-15 14:21:58 0 d-------- C:\Documents and Settings\Administrator\Application Data\PC Suite
2008-04-15 14:21:57 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-04-15 14:21:37 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-04-15 14:21:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-04-15 14:20:42 0 d-------- C:\WINDOWS\Downloaded Installations
2008-04-15 14:20:08 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-15 14:12:22 0 d-------- C:\Program Files\Nokia
2008-04-15 10:56:10 0 d-------- C:\Program Files\SQLXML 4.0
2008-04-15 10:39:06 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-04-15 10:39:06 0 d-------- C:\Program Files\Common Files\Merge Modules
2008-04-15 10:39:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-15 10:29:55 0 d-------- C:\Program Files\Microsoft Analysis Services
2008-04-15 10:28:53 0 d-------- C:\Program Files\Microsoft.NET
2008-04-15 10:13:37 0 d-------- C:\Program Files\ItsDeductible2006
2008-04-15 10:11:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\InstallShield
2008-04-15 10:10:02 0 d-------- C:\Program Files\ItsDeductible2005
2008-04-15 10:06:55 0 d-------- C:\Program Files\ItsDeductibleEX
2008-04-15 10:06:30 110592 --a------ C:\WINDOWS\system32\tsccvid.dll <Not Verified; TechSmith Corporation; TechSmith Screen Capture Codec>
2008-04-15 10:06:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Intuit
2008-04-15 10:04:11 0 d-------- C:\Program Files\Common Files\AnswerWorks 4.0
2008-04-15 10:02:17 0 d-------- C:\Program Files\Intuit
2008-04-15 10:01:22 0 d-------- C:\Program Files\TurboTax
2008-04-15 09:56:44 0 d-------- C:\Tax01
2008-04-15 09:55:00 0 d-------- C:\Tax00
2008-04-15 09:52:45 50176 --a------ C:\WINDOWS\system32\mvtl13n.dll <Not Verified; Microsoft Corporation; Microsoft Media View>
2008-04-15 09:52:44 51712 --a------ C:\WINDOWS\system32\mvsr13n.dll <Not Verified; Microsoft Corporation; Microsoft Media View>
2008-04-15 09:52:44 32256 --a------ C:\WINDOWS\system32\mvmg13n.dll <Not Verified; Microsoft Corporation; Microsoft Media View>
2008-04-15 09:52:44 73728 --a------ C:\WINDOWS\system32\mvmc13n.dll <Not Verified; Microsoft Corporation; Microsoft Media View>
2008-04-15 09:52:44 58880 --a------ C:\WINDOWS\system32\mvfs13n.dll <Not Verified; Microsoft Corporation; Microsoft Media View>
2008-04-15 09:52:44 111104 --a------ C:\WINDOWS\system32\mvcl13n.dll
2008-04-15 09:52:44 25600 --a------ C:\WINDOWS\system32\mvbk13n.dll <Not Verified; Microsoft Corporation; Microsoft Media View>
2008-04-15 09:52:41 48640 --a------ C:\WINDOWS\system32\inetwh32.dll <Not Verified; Blue Sky Software; Blue Sky Software - INETWH32>
2008-04-15 09:52:41 5856 --a------ C:\WINDOWS\system32\inet16.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2008-04-15 09:52:41 73728 -----n--- C:\WINDOWS\icg32.dll <Not Verified; Intuit; Internet Client 2.3>
2008-04-15 09:52:38 7102 -----n--- C:\WINDOWS\icoadb32.dat
2008-04-15 09:52:27 259584 --a------ C:\WINDOWS\system32\qcon32.dll <Not Verified; Intuit Inc.; Quicken 99 for Windows>
2008-04-15 09:52:27 539136 --a------ C:\WINDOWS\system32\qba32.dll <Not Verified; Intuit, Inc.; QuickBooks for Windows>
2008-04-15 09:52:27 41472 --a------ C:\WINDOWS\system32\iprof32.dll <Not Verified; Intuit; Intuit Family of Products>
2008-04-15 09:52:25 0 d-------- C:\WINDOWS\Intuit
2008-04-15 09:52:24 0 d-------- C:\Tax99
2008-04-15 09:52:24 0 d-------- C:\Program Files\Common Files\Intuit
2008-04-15 09:19:52 0 d-------- C:\Documents and Settings\All Users\Application Data\System
2008-04-15 09:19:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\G7PS
2008-04-15 09:19:03 0 d-------- C:\Documents and Settings\All Users\Application Data\G7PS
2008-04-15 09:18:39 0 d-------- C:\Program Files\Common Files\GNU Ghostscript Shared
2008-04-15 09:18:29 0 d-------- C:\Program Files\Common Files\G7PS
2008-04-15 09:18:26 0 d-------- C:\Program Files\Common Files\GPL Ghostscript Shared
2008-04-15 09:11:47 0 d-------- C:\Program Files\G7PS
2008-04-15 08:26:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-04-15 08:24:10 0 d-------- C:\HP-UPD4_5-PCL6-32
2008-04-15 08:08:41 0 d-------- C:\Program Files\Cisco Systems
2008-04-15 08:03:22 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-04-15 08:02:55 0 d-------- C:\Program Files\Java
2008-04-15 08:02:54 0 d-------- C:\Program Files\Common Files\Java
2008-04-15 01:34:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\WinRAR
2008-04-15 01:31:17 0 d-------- C:\Documents and Settings\Administrator\Application Data\LexisNexis
2008-04-15 01:31:10 0 d-------- C:\Program Files\LexisNexis
2008-04-15 01:22:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\VCOM
2008-04-15 01:22:30 0 d-------- C:\Program Files\VCOM
2008-04-15 01:20:58 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-15 01:15:41 0 d-------- C:\Documents and Settings\Administrator\Application Data\UseNeXT
2008-04-15 01:15:34 0 d-------- C:\Program Files\UseNeXT
2008-04-15 00:11:49 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-04-15 00:11:41 4142592 --a------ C:\WINDOWS\system32\qtintf.dll <Not Verified; Borland Software Corporation; Delphi-Qt2.x Interface Library>
2008-04-15 00:11:40 0 d-------- C:\Program Files\APC
2008-04-15 00:10:35 11136 --a------ C:\WINDOWS\system32\FPRUN300.DLL
2008-04-15 00:04:45 277400 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2008-04-15 00:02:20 1056768 --a------ C:\WINDOWS\system32\ROBOEX32.DLL <Not Verified; Blue Sky Software Corporation.; RoboHELP Classic 2000>
2008-04-15 00:02:20 28672 --a------ C:\WINDOWS\system32\PlugFile.dll <Not Verified; ; PlugFile Module>
2008-04-15 00:02:19 210944 --a------ C:\WINDOWS\system32\MSVCRT10.DLL
2008-04-14 23:59:12 0 d-------- C:\Program Files\Rand McNally
2008-04-14 23:57:06 0 d-------- C:\Documents and Settings\Default User\Application Data\Identities
2008-04-14 23:01:15 0 d-------- C:\Documents and Settings\Administrator\Application Data\Zeon
2008-04-14 21:53:07 0 d-------- C:\Program Files\Registrar Registry Manager
2008-04-14 20:39:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-04-14 20:08:22 0 d-------- C:\Corel
2008-04-14 16:30:55 0 d--hs---- C:\WINDOWS\CSC
2008-04-14 16:09:38 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-14 16:09:28 0 d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-04-14 16:09:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Zeon
2008-04-14 16:07:40 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-14 16:07:01 0 d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-04-14 16:05:03 0 d-------- C:\Program Files\ScanSoft
2008-04-14 15:08:30 0 d-------- C:\Program Files\Microsoft SQL Server
2008-04-14 14:47:42 4608 --a------ C:\WINDOWS\system32\WsmSelrr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:42 13824 --a------ C:\WINDOWS\system32\ipmisetp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:41 0 d-------- C:\WINDOWS\system32\ipmi
2008-04-14 14:47:40 66560 --a------ C:\WINDOWS\system32\wecutil.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:40 80896 --a------ C:\WINDOWS\system32\wecsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:40 26112 --a------ C:\WINDOWS\system32\wecapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:40 8704 --a------ C:\WINDOWS\system32\ELSEXT.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:39 208384 --a------ C:\WINDOWS\system32\WsmSvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:39 95744 --a------ C:\WINDOWS\system32\WsmRes.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:37 41984 --a------ C:\WINDOWS\system32\WsmProv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:37 243200 --a------ C:\WINDOWS\system32\WsmCl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:37 49664 --a------ C:\WINDOWS\system32\WsmAuto.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 14:47:36 77917 --a------ C:\WINDOWS\system32\winrm.vbs
2008-04-14 14:47:36 35 --a------ C:\WINDOWS\system32\winrm.cmd
2008-04-14 14:47:33 0 d-------- C:\WINDOWS\PMCSnap
2008-04-14 14:46:01 0 d-------- C:\Program Files\Phone Book Service
2008-04-14 12:43:58 0 d-------- C:\WINDOWS\system32\msmq
2008-04-14 12:43:57 0 d-------- C:\ADFS
2008-04-14 12:39:02 0 d--hs---- C:\Documents and Settings\Administrator\UserData
2008-04-14 12:27:56 0 d-------- C:\StorageReports
2008-04-14 11:35:00 0 d-------- C:\WINDOWS\RegisteredPackages
2008-04-14 11:32:23 42496 --a------ C:\WINDOWS\system32\dfsext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:20 5120 --a------ C:\WINDOWS\system32\dfsres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:20 200704 --a------ C:\WINDOWS\system32\dfsrAdmin.exe <Not Verified; Microsoft Corporation; Microsoft (R) Windows (R) Operating System>
2008-04-14 11:32:17 73728 --a------ C:\WINDOWS\system32\Dfsrres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:10 0 d-------- C:\WINDOWS\system32\srm
2008-04-14 11:32:09 7168 --a------ C:\WINDOWS\system32\srmsched_ps.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:08 125952 --a------ C:\WINDOWS\system32\storrept.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:07 10752 --a------ C:\WINDOWS\system32\srmhost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:07 10240 --a------ C:\WINDOWS\system32\srmclient.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:32:07 105472 --a------ C:\WINDOWS\system32\srm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-14 11:14:06 0 d-------- C:\Program Files\Support Tools
2008-04-14 11:00:24 41030 --a------ C:\WINDOWS\system32\cscogina.dll <Not Verified; Cisco Systems, Inc.; Cisco GINA Dynamic Link Library>
2008-04-14 11:00:22 20480 --a------ C:\WINDOWS\system32\ccs.exe
2008-04-14 11:00:17 15780 --a------ C:\WINDOWS\system32\drivers\csco21p.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
2008-04-14 11:00:17 110592 --a------ C:\WINDOWS\system32\AegisI5.exe <Not Verified; ; AegisInstall Application>
2008-04-14 11:00:16 372736 --a------ C:\WINDOWS\system32\csccfg10.dll <Not Verified; Cisco Systems, Inc.; Cisco Configuration API Dynamic Link Library>
2008-04-14 11:00:16 843776 --a------ C:\WINDOWS\system32\AegisC5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2008-04-14 11:00:15 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-14 11:00:15 0 d-------- C:\Program Files\Cisco Aironet
2008-04-14 10:59:52 0 d-------- C:\temp
2008-04-14 10:59:50 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-14 10:34:55 0 d-------- C:\WINDOWS\system32\en
2008-04-14 10:34:15 0 d-------- C:\WINDOWS\system32\corebins
2008-04-14 10:32:01 0 d-------- C:\FPSE_search
2008-04-14 10:31:29 0 d-------- C:\WINDOWS\IIS Temporary Compressed Files
2008-04-14 10:31:20 0 d-------- C:\WINDOWS\system32\Cache
2008-04-14 10:29:10 0 d-------- C:\Inetpub
2008-04-14 10:25:21 0 d-------- C:\WINDOWS\SchCache
2008-04-14 10:17:35 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-04-14 10:17:13 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-04-14 10:17:13 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-04-14 10:17:13 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-04-14 10:17:13 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-04-14 10:17:13 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-04-14 10:17:13 5505024 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-14 10:17:13 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-04-14 10:17:13 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-04-14 10:17:13 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-04-14 10:17:13 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-04-14 10:17:13 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-04-14 10:17:13 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-04-14 10:17:13 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-04-14 10:06:58 0 d-------- C:\WIND

Post Extras: Print Post   Remind Me!   Notify Moderator  
John_McKennaModerator
HijackThis Helper


Reg'd: Wed
Posts: 7400
Loc: England
Re: Constantly loading browser pages [Re: aestone]
      #393833 - Thu May 08 2008 09:36 PM
Reply to this post Reply   Reply to this post Quote  

After reading your log I regret to inform you that Webuser will be unable to help on this occassion.

It is Forum Policy that we only help home users in the HJT Forum and your machine clearly comes from a corporate environment.

I suggest your contact your IT department, call an engineer or try any number of alternative anti-spyware forums for a solution to your bot infections.

--------------------
.

Click here before posting a HijackThis Log - Important !!

My Site

Post Extras: Print Post   Remind Me!   Notify Moderator  
Pages: 1

Previous topic Previous   View all topics Index   Next topic Next   Threaded Mode Threaded  
Rate this topic

Jump to


Extra information
0 registered and 8 anonymous users are browsing this forum.

Moderator:  putasolutions, kimhollamby, greysts, bricat, AndrewC, Joe_London, John_McKenna, Mouse, Hello_There, TheFatControlleR, Nanook, Noviciate 


Print Topic

Forum Permissions
      You cannot start new topics
      You cannot reply to topics
      HTML is disabled
      Mark-up is enabled

Rating:
Topic views: 0

Contact Us | Privacy statement Main website
Hitwise Top 10 Award Winner - Jan-Mar 2005

About us | Contact us | Link to us | Terms & Conditions | Privacy Policy
© Copyright IPC Media Limited, All rights reserved