Had mbam and avg clean recent infection off the computer. Now I can't access mrt.exe . I was wondering maybe that I might be still infected?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:23:14 AM, on 8/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lee Elizabeth\Local Settings\Temporary Internet Files\Content.IE5\IPP0653B\Win32kDiag[1].exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Lee Elizabeth\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates.installshield.com/GetUpdate...01FD9FB500FDEAC
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase1140.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://download.games.yahoo.com/games/web_...itched/main.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/games/web_...e/gpcontrol.cab
O16 - DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} (Playtime Games Launcher) - http://download.games.yahoo.com/games/web_...ameLauncher.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11341 bytes



Log file is located at: C:\Documents and Settings\Lee Elizabeth\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Cannot access: C:\WINDOWS\Debug\mrt.log

[1] 2009-08-28 09:10:21 1126 C:\WINDOWS\Debug\mrt.log ()

Welcome to the forum proteus7

It appears mrt.log permisions are messed up
Go start run and paste in the bolded line below
"%userprofile%\desktop\win32kdiag.exe" -f -r
when it is finished post the log again

Post a Panda ActiveScan-Free online scanner Log
http://www.pandasoftware.com/products/activescan.htm
Press "scan your PC now" allow the active x to install (if prompted)
Do a full scan > Click the my computer button
After the scan click see report then Save the report and post it back here please.
If you have problems read the FAQ
http://www.pandasoftware.com/activescan/ac...aq.asp?IdLang=2

Thanks for the reply Lonny. I tried win32diag but it ran for a while then it was stopped by an error. I uploaded a screen shot of the error.


Log file is located at: C:\Documents and Settings\Lee Elizabeth\Desktop\Win32kDiag.txt

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Cannot access: C:\WINDOWS\Downloaded Program Files\rufsi.dll

Attempting to restore permissions of : C:\WINDOWS\Downloaded Program Files\rufsi.dll

[1] 2009-06-12 13:05:16 296336 C:\WINDOWS\Downloaded Program Files\rufsi.dll (Symantec Corporation)



Cannot access: C:\WINDOWS\Downloaded Program Files\wlscBase.dll

Attempting to restore permissions of : C:\WINDOWS\Downloaded Program Files\wlscBase.dll

[1] 2009-06-11 16:02:04 452496 C:\WINDOWS\Downloaded Program Files\wlscBase.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\Downloaded Program Files\wlscBase.inf

Attempting to restore permissions of : C:\WINDOWS\Downloaded Program Files\wlscBase.inf

[1] 2009-06-11 16:04:12 321 C:\WINDOWS\Downloaded Program Files\wlscBase.inf ()



Cannot access: C:\WINDOWS\ERDNT\CFrecovery.bat

Attempting to restore permissions of : C:\WINDOWS\ERDNT\CFrecovery.bat

[1] 2009-08-29 07:35:32 110 C:\WINDOWS\ERDNT\CFrecovery.bat ()



Cannot access: C:\WINDOWS\ERDNT\Hiv-backup\DEFAULT

Attempting to restore permissions of : C:\WINDOWS\ERDNT\Hiv-backup\DEFAULT






;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2009-08-29 13:01:01
PROTECTIONS: 1
MALWARE: 27
SUSPECTS: 1
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
AVG Anti-Virus Free 8.5 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@doubleclick[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@atdmt[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@247realmedia[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@mediaplex[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.azjmp.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Jeannie\Cookies\jeannie@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@apmebf[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Jeannie\Cookies\jeannie@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Jeannie\Cookies\jeannie@bs.serving-sys[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@www.burstbeacon[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.www.burstbeacon.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[www.burstbeacon.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@advertising[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@ads.pointroll[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.ads.pointroll.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\system@zedo[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Jorgi\Application Data\Mozilla\Firefox\Profiles\4fcmorp4.default\cookies.txt[.go.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[.target.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@smartadserver[2].txt
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[citi.bridgetrack.com/]
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[citi.bridgetrack.com/]
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Tori\Application Data\Mozilla\Firefox\Profiles\oll3wffg.default\cookies.txt[citi.bridgetrack.com/]
00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\WINDOWS\system32\drivers\uedh.sys
00966839 Spyware/Virtumonde Spyware No 1 Yes No C:\Program Files\Viewpoint\Viewpoint Experience Technology\Components\SWFView.dll
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes Yes C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1\A0000079.sys
02888262 Exploit/Gimsh.B HackTools No 0 Yes No C:\Documents and Settings\Kodi\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-5efd1945-1a4ed3b9.zip[vmain.class]
05315412 Generic Malware Virus/Trojan No 0 Yes No C:\Downloads\SeaWorldTycoon-dm[1].exe
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location
;===============================================================================
=================================================================================
===================
No C:\Downloads\MCFHuntsville-dm[1].exe
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================

Can you run mrt.exe now ?

Repeat this process again
Go start run and paste in the bolded line below
"%userprofile%\desktop\win32kdiag.exe" -f -r
when it is finished post the log again, did it error again ?


Scan/submit these files at virus total
C:\WINDOWS\system32\drivers\uedh.sys
C:\Downloads\SeaWorldTycoon-dm[1].exe
http://www.virustotal.com/

I see youve ran combofix in the past, zip up and attach the old logs
c:\combofix.txt c:\qoobox\ComboFix2.txt ComboFix3.txt etc etc etc

Lonny, had the same error come up for win32.

Could not find the uedh.sys file.

MCFHuntsville-dm_1_.exe was found to be a trymedia adware/trojan.

LogA was the only log I could find for combo/QooBox.

I can run MRT.exe now.




Log file is located at: C:\Documents and Settings\Lee Elizabeth\Desktop\Win32kDiag.txt

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Cannot access: C:\WINDOWS\ERDNT\Hiv-backup\SOFTWARE

Attempting to restore permissions of : C:\WINDOWS\ERDNT\Hiv-backup\SOFTWARE




LogA:



\Registry\Machine\System\CurrentControlSet\Services\vkquwexg

*******************


Fatal error: integrity of Services key failed verification check! Security may be fatally compromised. Exiting immediately.

Could not open script file! Status: 0xc0000034 Abort!

I tried win32kdiag in safe mode and it seems to run ok, but it looks like its going to take awhile to complete.

Here is the win32diag log, it finally finished.

Log file is located at: C:\Documents and Settings\Administrator\Desktop\Win32kDiag.txt

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Cannot access: C:\WINDOWS\system32\drivers\etc\hosts.20090824-215246.backup

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\etc\hosts.20090824-215246.backup

[1] 2009-08-24 21:50:02 323503 C:\WINDOWS\system32\drivers\etc\hosts.20090824-215246.backup ()



Cannot access: C:\WINDOWS\system32\drivers\etc\hosts.bak

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\etc\hosts.bak

[1] 2009-08-24 21:52:46 323503 C:\WINDOWS\system32\drivers\etc\hosts.bak ()



Cannot access: C:\WINDOWS\system32\drivers\Lbd.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\Lbd.sys

[1] 2009-07-03 09:49:08 64160 C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)

[1] 2009-07-03 09:49:08 64160 C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.sys ()



Cannot access: C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

[1] 2009-08-24 23:07:49 0 C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf ()



Cannot access: C:\WINDOWS\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf

[1] 2009-08-24 23:10:00 0 C:\WINDOWS\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf ()



Cannot access: C:\WINDOWS\system32\drivers\nuidfltr.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\nuidfltr.sys

[1] 2009-05-09 01:14:20 14736 C:\WINDOWS\system32\drivers\nuidfltr.sys (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\drivers\pavboot.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\pavboot.sys

[1] 2008-06-19 17:24:30 28544 C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)



Cannot access: C:\WINDOWS\system32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf

[1] 2009-08-25 07:26:00 0 C:\WINDOWS\system32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf ()



Cannot access: C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

[1] 2005-04-20 12:32:12 331776 C:\WINDOWS\$NtUninstallKB913800$\wpdmtpdr.dll (Microsoft Corporation)

[1] 2005-04-20 12:32:12 331776 C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpdr.dll (Microsoft Corporation)

[1] 2004-08-10 06:00:00 333824 C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}$BACKUP$\System\wpdmtpdr.dll (Microsoft Corporation)

[1] 2006-10-18 21:47:22 671232 C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll (Microsoft Corporation)

[1] 2006-03-03 07:33:06 331776 C:\WINDOWS\system32\wpdmtpdr.dll (Microsoft Corporation)

[1] 2005-04-20 12:32:12 331776 C:\i386\wpdmtpdr.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\drivers\wdf01000.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\wdf01000.sys

[1] 2006-11-02 07:22:54 492000 C:\WINDOWS\system32\drivers\wdf01000.sys (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\drivers\wdfldr.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\wdfldr.sys

[1] 2006-11-02 07:22:52 32224 C:\WINDOWS\system32\drivers\wdfldr.sys (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\drivers\WudfPf.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\WudfPf.sys

[1] 2006-09-28 18:55:50 77568 C:\WINDOWS\system32\drivers\WudfPf.sys (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\drivers\WudfRd.sys

Attempting to restore permissions of : C:\WINDOWS\system32\drivers\WudfRd.sys

[1] 2006-09-28 19:00:34 82944 C:\WINDOWS\system32\drivers\WudfRd.sys (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.cat

Attempting to restore permissions of : C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.cat

[1] 2009-07-03 09:49:08 6460 C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.cat ()



Cannot access: C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\lbd.inf

Attempting to restore permissions of : C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\lbd.inf

[1] 2009-07-03 09:49:08 3250 C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\lbd.inf ()



Cannot access: C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.sys

Attempting to restore permissions of : C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.sys

[1] 2009-07-03 09:49:08 64160 C:\WINDOWS\system32\drivers\Lbd.sys (Lavasoft AB)

[1] 2009-07-03 09:49:08 64160 C:\WINDOWS\system32\DRVSTORE\lbd_4C6E0193F967021F4DECA024CA3950BECD8BF864\Lbd.sys (Lavasoft AB)



Cannot access: C:\WINDOWS\system32\en-US\IERtUtil.dll.mui

Attempting to restore permissions of : C:\WINDOWS\system32\en-US\IERtUtil.dll.mui

[2] 2007-03-07 12:40:23 267776 C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2007-04-25 04:08:33 267776 C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2007-06-27 09:39:52 267776 C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2007-08-20 05:02:10 267776 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2007-10-10 18:47:27 267776 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2007-12-06 21:01:11 267776 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2008-03-01 08:03:01 267776 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2008-04-22 22:35:36 267776 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2008-06-23 11:01:44 267776 C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2008-08-26 04:08:39 267776 C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2008-10-16 15:24:09 267776 C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2008-12-20 18:55:50 267776 C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iertutil.dll (Microsoft Corporation)

[2] 2009-02-20 13:09:52 268288 C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iertutil.dll (Microsoft Corporation)

[2] 2009-04-28 23:49:18 268288 C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iertutil.dll (Microsoft Corporation)

[2] 2009-06-29 11:23:11 268288 C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iertutil.dll (Microsoft Corporation)

[2] 2009-07-03 12:06:50 1985536 C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\iertutil.dll (Microsoft Corporation)

[2] 2006-10-17 12:57:20 266752 C:\WINDOWS\ie7updates\KB928090-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-01-08 20:02:04 266752 C:\WINDOWS\ie7updates\KB931768-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-03-07 12:45:16 266752 C:\WINDOWS\ie7updates\KB933566-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-04-25 03:41:11 267776 C:\WINDOWS\ie7updates\KB937143-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-06-27 09:34:55 267776 C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-08-20 05:04:38 267776 C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-10-10 18:55:55 267776 C:\WINDOWS\ie7updates\KB944533-IE7\iertutil.dll (Microsoft Corporation)

[2] 2007-12-06 21:21:46 267776 C:\WINDOWS\ie7updates\KB947864-IE7\iertutil.dll (Microsoft Corporation)

[2] 2008-03-01 08:06:25 267776 C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll (Microsoft Corporation)

[2] 2008-04-22 23:16:28 267776 C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll (Microsoft Corporation)

[2] 2008-06-23 11:57:34 267776 C:\WINDOWS\ie7updates\KB956390-IE7\iertutil.dll (Microsoft Corporation)

[2] 2008-08-26 02:24:29 267776 C:\WINDOWS\ie7updates\KB958215-IE7\iertutil.dll (Microsoft Corporation)

[2] 2008-10-16 15:38:37 267776 C:\WINDOWS\ie7updates\KB961260-IE7\iertutil.dll (Microsoft Corporation)

[2] 2008-12-20 18:15:22 267776 C:\WINDOWS\ie7updates\KB963027-IE7\iertutil.dll (Microsoft Corporation)

[2] 2009-02-20 13:09:37 268288 C:\WINDOWS\ie7updates\KB969897-IE7\iertutil.dll (Microsoft Corporation)

[2] 2009-04-28 23:55:57 268288 C:\WINDOWS\ie7updates\KB972260-IE7\iertutil.dll (Microsoft Corporation)

[2] 2009-06-29 11:12:16 268288 C:\WINDOWS\ie8\iertutil.dll (Microsoft Corporation)

[2] 2009-03-08 04:32:22 1985024 C:\WINDOWS\ie8updates\KB972260-IE8\iertutil.dll (Microsoft Corporation)

[2] 2009-07-03 12:09:24 1985536 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\iertutil.dll (Microsoft Corporation)

[2] 2009-07-03 12:06:50 1985536 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\iertutil.dll (Microsoft Corporation)

[2] 2009-07-03 12:09:24 1985536 C:\WINDOWS\system32\dllcache\iertutil.dll (Microsoft Corporation)

[1] 2009-03-08 14:22:28 2560 C:\WINDOWS\system32\en-US\IERtUtil.dll.mui ()

[2] 2009-07-03 12:09:24 1985536 C:\WINDOWS\system32\iertutil.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\en-US\ieudinit.exe.mui

Attempting to restore permissions of : C:\WINDOWS\system32\en-US\ieudinit.exe.mui

[2] 2007-03-06 02:54:01 13824 C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2007-04-24 09:20:37 13824 C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2007-06-27 04:16:27 13824 C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2007-08-17 05:12:35 13824 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2007-10-10 03:16:47 13824 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2007-12-06 03:34:29 13824 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2008-02-22 04:39:56 13824 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2008-04-22 03:02:19 13824 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2008-06-23 03:23:18 13824 C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2008-08-25 03:43:21 13824 C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2008-10-16 07:46:08 13824 C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2008-12-19 04:41:52 13824 C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieudinit.exe (Microsoft Corporation)

[2] 2009-02-20 05:24:02 13824 C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\ieudinit.exe (Microsoft Corporation)

[2] 2009-04-28 04:56:00 13824 C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\ieudinit.exe (Microsoft Corporation)

[2] 2009-06-29 06:25:01 13824 C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\ieudinit.exe (Microsoft Corporation)

[2] 2006-11-07 04:26:32 13312 C:\WINDOWS\ie7updates\KB928090-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-01-08 19:08:10 13824 C:\WINDOWS\ie7updates\KB931768-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-02-27 03:20:47 13824 C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-04-24 09:26:20 13824 C:\WINDOWS\ie7updates\KB937143-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-06-27 03:27:05 13824 C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-08-17 05:20:54 13824 C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-10-10 05:59:40 13824 C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2007-12-06 06:00:58 13824 C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2008-02-22 05:00:51 13824 C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2008-04-22 02:39:58 13824 C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2008-06-23 04:20:26 13824 C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2008-08-25 03:38:00 13824 C:\WINDOWS\ie7updates\KB958215-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2008-10-16 08:11:09 13824 C:\WINDOWS\ie7updates\KB961260-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2008-12-19 04:10:15 13824 C:\WINDOWS\ie7updates\KB963027-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2009-02-20 05:20:49 13824 C:\WINDOWS\ie7updates\KB969897-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2009-04-28 04:05:56 13824 C:\WINDOWS\ie7updates\KB972260-IE7\ieudinit.exe (Microsoft Corporation)

[2] 2009-06-29 06:07:12 13824 C:\WINDOWS\system32\dllcache\ieudinit.exe (Microsoft Corporation)

[1] 2009-03-08 04:32:50 3072 C:\WINDOWS\system32\en-US\ieudinit.exe.mui ()

[2] 2009-03-08 04:32:52 36864 C:\WINDOWS\system32\ieudinit.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\en-US\jscript.dll.mui

Attempting to restore permissions of : C:\WINDOWS\system32\en-US\jscript.dll.mui

[2] 2006-05-18 00:37:43 450560 C:\WINDOWS\$hf_mig$\KB917344\SP2QFE\jscript.dll (Microsoft Corporation)

[2] 2008-05-09 05:45:15 512000 C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\jscript.dll (Microsoft Corporation)

[2] 2006-10-17 13:00:00 491520 C:\WINDOWS\$NtServicePackUninstall$\jscript.dll (Microsoft Corporation)

[2] 2004-08-10 06:00:00 450560 C:\WINDOWS\$NtUninstallKB917344$\jscript.dll (Microsoft Corporation)

[2] 2008-04-13 19:11:56 512000 C:\WINDOWS\$NtUninstallKB951978$\jscript.dll (Microsoft Corporation)

[2] 2006-05-18 00:24:25 450560 C:\WINDOWS\ie7\jscript.dll (Microsoft Corporation)

[2] 2008-05-09 05:53:39 512000 C:\WINDOWS\ie8\jscript.dll (Microsoft Corporation)

[2] 2008-04-13 19:11:56 512000 C:\WINDOWS\ServicePackFiles\i386\jscript.dll (Microsoft Corporation)

[2] 2009-03-08 04:33:16 726528 C:\WINDOWS\system32\dllcache\jscript.dll (Microsoft Corporation)

[1] 2009-03-08 14:21:06 13312 C:\WINDOWS\system32\en-US\jscript.dll.mui ()

[2] 2009-03-08 04:33:16 726528 C:\WINDOWS\system32\jscript.dll (Microsoft Corporation)

[1] 2008-02-23 09:40:19 12800 C:\WINDOWS\system32\scripting\jscript.dll.mui ()

[2] 2004-08-10 06:00:00 450560 C:\i386\jscript.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\en-US\vbscript.dll.mui

Attempting to restore permissions of : C:\WINDOWS\system32\en-US\vbscript.dll.mui

[2] 2008-05-09 05:45:16 430080 C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\vbscript.dll (Microsoft Corporation)

[2] 2006-11-07 22:03:36 413696 C:\WINDOWS\$NtServicePackUninstall$\vbscript.dll (Microsoft Corporation)

[2] 2008-04-13 19:12:08 434176 C:\WINDOWS\$NtUninstallKB951978$\vbscript.dll (Microsoft Corporation)

[2] 2004-08-10 06:00:00 417792 C:\WINDOWS\ie7\vbscript.dll (Microsoft Corporation)

[2] 2008-05-09 05:53:40 430080 C:\WINDOWS\ie8\vbscript.dll (Microsoft Corporation)

[2] 2008-04-13 19:12:08 434176 C:\WINDOWS\ServicePackFiles\i386\vbscript.dll (Microsoft Corporation)

[2] 2009-03-08 04:33:06 420352 C:\WINDOWS\system32\dllcache\vbscript.dll (Microsoft Corporation)

[1] 2009-03-08 14:22:26 11264 C:\WINDOWS\system32\en-US\vbscript.dll.mui ()

[1] 2008-02-23 09:40:19 11264 C:\WINDOWS\system32\scripting\vbscript.dll.mui ()

[2] 2009-03-08 04:33:06 420352 C:\WINDOWS\system32\vbscript.dll (Microsoft Corporation)

[2] 2004-08-10 06:00:00 417792 C:\i386\vbscript.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\ie4uinit.exe.mui

Attempting to restore permissions of : C:\WINDOWS\system32\ie4uinit.exe.mui

[2] 2007-03-06 02:54:01 56832 C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2007-04-24 09:20:37 56832 C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2007-06-27 04:16:27 63488 C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2007-08-17 05:12:34 70656 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2007-10-10 03:16:47 70656 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2007-12-06 03:34:28 70656 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2008-02-22 04:39:56 70656 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2008-04-22 03:02:19 70656 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2008-06-23 03:23:18 70656 C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2008-08-25 03:43:21 70656 C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2008-10-16 07:46:08 70656 C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2008-12-19 04:41:51 70656 C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2009-02-20 05:24:01 70656 C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2009-04-28 04:56:00 70656 C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2009-06-29 06:25:01 70656 C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2009-07-03 06:38:14 173056 C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2004-08-10 06:00:00 34304 C:\WINDOWS\ie7\ie4uinit.exe (Microsoft Corporation)

[2] 2006-11-07 04:26:28 54784 C:\WINDOWS\ie7updates\KB928090-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-01-08 19:08:14 56832 C:\WINDOWS\ie7updates\KB931768-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-03-07 03:28:17 56832 C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-04-24 09:26:20 56832 C:\WINDOWS\ie7updates\KB937143-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-06-27 03:27:04 63488 C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-08-17 05:20:54 63488 C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-10-10 05:59:40 70656 C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2007-12-06 06:00:57 70656 C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2008-02-29 03:55:23 70656 C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2008-04-22 02:39:58 70656 C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2008-06-23 04:20:25 70656 C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2008-08-25 03:37:59 70656 C:\WINDOWS\ie7updates\KB958215-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2008-10-16 08:11:09 70656 C:\WINDOWS\ie7updates\KB961260-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2008-12-19 04:10:15 70656 C:\WINDOWS\ie7updates\KB963027-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2009-02-20 05:20:49 70656 C:\WINDOWS\ie7updates\KB969897-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2009-04-28 04:05:56 70656 C:\WINDOWS\ie7updates\KB972260-IE7\ie4uinit.exe (Microsoft Corporation)

[2] 2009-06-29 06:07:11 70656 C:\WINDOWS\ie8\ie4uinit.exe (Microsoft Corporation)

[1] 2006-11-07 04:26:22 4096 C:\WINDOWS\ie8\ie4uinit.exe.mui ()

[2] 2009-03-08 04:32:54 173056 C:\WINDOWS\ie8updates\KB972260-IE8\ie4uinit.exe (Microsoft Corporation)

[2] 2008-04-13 19:12:22 34304 C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe (Microsoft Corporation)

[2] 2009-07-03 06:01:06 173056 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\ie4uinit.exe (Microsoft Corporation)

[2] 2009-07-03 06:38:14 173056 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\ie4uinit.exe (Microsoft Corporation)

[2] 2009-07-03 06:01:06 173056 C:\WINDOWS\system32\dllcache\ie4uinit.exe (Microsoft Corporation)

[1] 2009-03-08 14:21:06 4096 C:\WINDOWS\system32\en-US\ie4uinit.exe.mui ()

[2] 2009-07-03 06:01:06 173056 C:\WINDOWS\system32\ie4uinit.exe (Microsoft Corporation)

[1] 2009-03-08 14:21:06 4096 C:\WINDOWS\system32\ie4uinit.exe.mui ()

[2] 2004-08-10 06:00:00 34304 C:\i386\ie4uinit.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\IE8Eula.rtf

Attempting to restore permissions of : C:\WINDOWS\system32\IE8Eula.rtf

[1] 2009-02-12 22:20:42 5630 C:\WINDOWS\system32\IE8Eula.rtf ()



Cannot access: C:\WINDOWS\system32\iedkcs32.dll.mui

Attempting to restore permissions of : C:\WINDOWS\system32\iedkcs32.dll.mui

[2] 2007-03-07 12:40:21 384000 C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2007-04-25 04:08:32 384512 C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2007-06-27 09:39:44 384512 C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2007-08-20 05:02:09 387584 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2007-10-10 18:47:27 388096 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2007-12-06 21:01:08 388096 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2008-03-01 08:03:00 388608 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2008-04-22 22:35:35 388608 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2008-06-23 11:01:40 388608 C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2008-08-26 04:08:37 388608 C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2008-10-16 15:24:09 388608 C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2008-12-20 18:55:46 388608 C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2009-02-20 13:09:51 388608 C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2009-04-28 23:49:15 388608 C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2009-06-29 11:23:10 388608 C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2009-07-03 12:06:49 386048 C:\WINDOWS\$hf_mig$\KB972260-IE8\SP3QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2004-08-10 06:00:00 323584 C:\WINDOWS\ie7\iedkcs32.dll (Microsoft Corporation)

[2] 2006-11-07 04:27:10 382976 C:\WINDOWS\ie7updates\KB928090-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-01-08 20:02:02 384000 C:\WINDOWS\ie7updates\KB931768-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-03-07 12:45:15 384000 C:\WINDOWS\ie7updates\KB933566-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-04-25 03:41:10 384512 C:\WINDOWS\ie7updates\KB937143-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-06-27 09:34:51 384512 C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-08-20 05:04:35 384512 C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-10-10 18:55:52 384512 C:\WINDOWS\ie7updates\KB944533-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2007-12-06 21:21:45 384512 C:\WINDOWS\ie7updates\KB947864-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2008-03-01 08:06:22 384512 C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2008-04-22 23:16:28 384512 C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2008-06-23 11:57:29 384512 C:\WINDOWS\ie7updates\KB956390-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2008-08-26 02:24:29 384512 C:\WINDOWS\ie7updates\KB958215-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2008-10-16 15:38:35 384512 C:\WINDOWS\ie7updates\KB961260-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2008-12-20 18:15:16 384512 C:\WINDOWS\ie7updates\KB963027-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2009-02-20 13:09:36 385024 C:\WINDOWS\ie7updates\KB969897-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2009-04-28 23:55:56 385024 C:\WINDOWS\ie7updates\KB972260-IE7\iedkcs32.dll (Microsoft Corporation)

[2] 2009-06-29 11:12:14 385024 C:\WINDOWS\ie8\iedkcs32.dll (Microsoft Corporation)

[1] 2006-11-07 04:26:32 81920 C:\WINDOWS\ie8\iedkcs32.dll.mui ()

[2] 2009-03-08 14:09:26 391536 C:\WINDOWS\ie8updates\KB972260-IE8\iedkcs32.dll (Microsoft Corporation)

[2] 2008-04-13 19:11:54 323584 C:\WINDOWS\ServicePackFiles\i386\iedkcs32.dll (Microsoft Corporation)

[2] 2009-07-03 12:09:21 386048 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3GDR\iedkcs32.dll (Microsoft Corporation)

[2] 2009-07-03 12:06:49 386048 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\SP3QFE\iedkcs32.dll (Microsoft Corporation)

[2] 2009-07-03 12:09:21 386048 C:\WINDOWS\system32\dllcache\iedkcs32.dll (Microsoft Corporation)

[1] 2009-03-08 14:20:54 81920 C:\WINDOWS\system32\en-US\iedkcs32.dll.mui ()

[2] 2009-07-03 12:09:21 386048 C:\WINDOWS\system32\iedkcs32.dll (Microsoft Corporation)

[1] 2009-03-08 14:20:54 81920 C:\WINDOWS\system32\iedkcs32.dll.mui ()

[2] 2004-08-10 06:00:00 323584 C:\i386\iedkcs32.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\images\i1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\i1.gif

[1] 2008-11-21 17:17:12 1744 C:\WINDOWS\system32\images\i1.gif ()



Cannot access: C:\WINDOWS\system32\images\i2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\i2.gif

[1] 2008-11-21 17:17:24 1663 C:\WINDOWS\system32\images\i2.gif ()



Cannot access: C:\WINDOWS\system32\images\i3.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\i3.gif

[1] 2008-11-21 17:17:36 1689 C:\WINDOWS\system32\images\i3.gif ()



Cannot access: C:\WINDOWS\system32\images\j1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\j1.gif

[1] 2008-11-21 17:12:38 3957 C:\WINDOWS\system32\images\j1.gif ()



Cannot access: C:\WINDOWS\system32\images\j2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\j2.gif

[1] 2008-11-21 17:12:54 47 C:\WINDOWS\system32\images\j2.gif ()



Cannot access: C:\WINDOWS\system32\images\j3.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\j3.gif

[1] 2008-11-27 18:33:30 3857 C:\WINDOWS\system32\images\j3.gif ()



Cannot access: C:\WINDOWS\system32\images\jj1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\jj1.gif

[1] 2008-11-21 17:14:28 114 C:\WINDOWS\system32\images\jj1.gif ()



Cannot access: C:\WINDOWS\system32\images\jj2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\jj2.gif

[1] 2008-11-21 17:14:40 48 C:\WINDOWS\system32\images\jj2.gif ()



Cannot access: C:\WINDOWS\system32\images\jj3.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\jj3.gif

[1] 2008-11-21 17:40:38 105 C:\WINDOWS\system32\images\jj3.gif ()



Cannot access: C:\WINDOWS\system32\images\l1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\l1.gif

[1] 2008-11-21 16:39:28 3749 C:\WINDOWS\system32\images\l1.gif ()



Cannot access: C:\WINDOWS\system32\images\l2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\l2.gif

[1] 2008-11-21 16:39:46 92 C:\WINDOWS\system32\images\l2.gif ()



Cannot access: C:\WINDOWS\system32\images\l3.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\l3.gif

[1] 2008-11-21 16:40:00 468 C:\WINDOWS\system32\images\l3.gif ()



Cannot access: C:\WINDOWS\system32\images\pix.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\pix.gif

[1] 2008-11-21 17:44:38 70 C:\WINDOWS\system32\images\pix.gif ()



Cannot access: C:\WINDOWS\system32\images\t1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\t1.gif

[1] 2008-11-21 16:47:12 621 C:\WINDOWS\system32\images\t1.gif ()



Cannot access: C:\WINDOWS\system32\images\t2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\t2.gif

[1] 2008-11-21 17:17:00 1015 C:\WINDOWS\system32\images\t2.gif ()



Cannot access: C:\WINDOWS\system32\images\up1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\up1.gif

[1] 2008-11-21 16:28:46 5568 C:\WINDOWS\system32\images\up1.gif ()



Cannot access: C:\WINDOWS\system32\images\up2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\up2.gif

[1] 2008-11-21 16:29:00 696 C:\WINDOWS\system32\images\up2.gif ()



Cannot access: C:\WINDOWS\system32\images\w1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\w1.gif

[1] 2008-11-21 16:56:02 3028 C:\WINDOWS\system32\images\w1.gif ()



Cannot access: C:\WINDOWS\system32\images\w11.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\w11.gif

[1] 2008-11-21 17:08:10 3431 C:\WINDOWS\system32\images\w11.gif ()



Cannot access: C:\WINDOWS\system32\images\w2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\w2.gif

[1] 2008-11-21 16:56:20 47 C:\WINDOWS\system32\images\w2.gif ()



Cannot access: C:\WINDOWS\system32\images\w3.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\w3.gif

[1] 2008-11-27 18:30:14 3430 C:\WINDOWS\system32\images\w3.gif ()



Cannot access: C:\WINDOWS\system32\images\w3.jpg

Attempting to restore permissions of : C:\WINDOWS\system32\images\w3.jpg

[1] 2008-11-27 18:34:20 1912 C:\WINDOWS\system32\images\w3.jpg ()



Cannot access: C:\WINDOWS\system32\images\wt1.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\wt1.gif

[1] 2008-11-21 16:57:06 176 C:\WINDOWS\system32\images\wt1.gif ()



Cannot access: C:\WINDOWS\system32\images\wt2.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\wt2.gif

[1] 2008-11-21 16:57:20 51 C:\WINDOWS\system32\images\wt2.gif ()



Cannot access: C:\WINDOWS\system32\images\wt3.gif

Attempting to restore permissions of : C:\WINDOWS\system32\images\wt3.gif

[1] 2008-11-21 16:57:34 119 C:\WINDOWS\system32\images\wt3.gif ()



Cannot access: C:\WINDOWS\system32\MP43DECD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\MP43DECD.dll

[1] 2006-10-18 21:47:14 259072 C:\WINDOWS\system32\MP43DECD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\MP4SDECD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\MP4SDECD.dll

[1] 2006-10-18 21:47:14 317440 C:\WINDOWS\system32\MP4SDECD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\MPG4DECD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\MPG4DECD.dll

[1] 2006-10-18 21:47:14 259072 C:\WINDOWS\system32\MPG4DECD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\MRT.exe

Attempting to restore permissions of : C:\WINDOWS\system32\MRT.exe

[1] 2009-08-28 08:49:10 24281536 C:\WINDOWS\system32\MRT.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\msdbg2.dll

Attempting to restore permissions of : C:\WINDOWS\system32\msdbg2.dll

[1] 2009-01-07 18:20:18 265720 C:\WINDOWS\system32\msdbg2.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\msdelta.dll

Attempting to restore permissions of : C:\WINDOWS\system32\msdelta.dll

[1] 2006-10-02 15:28:42 312128 C:\WINDOWS\system32\msdelta.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\mshta.exe.mui

Attempting to restore permissions of : C:\WINDOWS\system32\mshta.exe.mui

[2] 2004-08-10 06:00:00 29184 C:\WINDOWS\ie7\mshta.exe (Microsoft Corporation)

[2] 2006-10-17 12:56:10 45568 C:\WINDOWS\ie8\mshta.exe (Microsoft Corporation)

[1] 2006-10-17 12:56:06 2560 C:\WINDOWS\ie8\mshta.exe.mui ()

[2] 2008-04-13 19:12:27 29184 C:\WINDOWS\ServicePackFiles\i386\mshta.exe (Microsoft Corporation)

[2] 2009-03-08 04:31:02 45568 C:\WINDOWS\system32\dllcache\mshta.exe (Microsoft Corporation)

[1] 2009-03-08 14:22:18 2560 C:\WINDOWS\system32\en-US\mshta.exe.mui ()

[2] 2009-03-08 04:31:02 45568 C:\WINDOWS\system32\mshta.exe (Microsoft Corporation)

[1] 2009-03-08 14:22:18 2560 C:\WINDOWS\system32\mshta.exe.mui ()

[2] 2004-08-10 06:00:00 29184 C:\i386\mshta.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\msrating.dll.mui

Attempting to restore permissions of : C:\WINDOWS\system32\msrating.dll.mui

[2] 2005-09-02 18:53:40 146432 C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2005-10-20 22:38:07 146432 C:\WINDOWS\$hf_mig$\KB905915\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2007-03-07 12:40:27 193024 C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2007-04-25 04:08:34 193024 C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2007-06-27 09:40:01 193024 C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2007-08-20 05:02:11 193024 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2007-10-10 18:47:28 193024 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2007-12-06 21:01:13 193024 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2008-03-01 08:03:01 193024 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2008-04-22 22:35:36 193024 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2008-06-23 11:01:49 193024 C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2008-08-26 04:08:44 193024 C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2008-10-16 15:24:10 193024 C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2008-12-20 18:55:56 193024 C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\msrating.dll (Microsoft Corporation)

[2] 2009-02-20 13:09:53 193024 C:\WINDOWS\$hf_mig$\KB963027-IE7\SP3QFE\msrating.dll (Microsoft Corporation)

[2] 2009-04-28 23:49:28 193024 C:\WINDOWS\$hf_mig$\KB969897-IE7\SP3QFE\msrating.dll (Microsoft Corporation)

[2] 2009-06-29 11:23:12 193024 C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\msrating.dll (Microsoft Corporation)

[2] 2005-09-02 18:52:05 146432 C:\WINDOWS\$NtUninstallKB905915$\msrating.dll (Microsoft Corporation)

[2] 2005-10-20 22:39:29 146432 C:\WINDOWS\$NtUninstallKB912812$\msrating.dll (Microsoft Corporation)

[2] 2006-03-03 22:58:48 146432 C:\WINDOWS\$NtUninstallKB916281$\msrating.dll (Microsoft Corporation)

[2] 2006-05-10 00:25:21 146432 C:\WINDOWS\$NtUninstallKB918899$\msrating.dll (Microsoft Corporation)

[2] 2006-06-23 06:25:30 146432 C:\WINDOWS\$NtUninstallKB922760$\msrating.dll (Microsoft Corporation)

[2] 2006-09-14 03:31:28 146432 C:\WINDOWS\$NtUninstallKB925454$\msrating.dll (Microsoft Corporation)

[2] 2006-10-23 10:34:21 146432 C:\WINDOWS\ie7\msrating.dll (Microsoft Corporation)

[2] 2006-10-17 13:05:10 192000 C:\WINDOWS\ie7updates\KB928090-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-01-08 20:03:02 193024 C:\WINDOWS\ie7updates\KB931768-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-03-07 12:45:17 193024 C:\WINDOWS\ie7updates\KB933566-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-04-25 03:41:15 193024 C:\WINDOWS\ie7updates\KB937143-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-06-27 09:34:58 193024 C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-08-20 05:04:41 193024 C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-10-10 18:55:58 193024 C:\WINDOWS\ie7updates\KB944533-IE7\msrating.dll (Microsoft Corporation)

[2] 2007-12-06 21:21:48 193024 C:\WINDOWS\ie7updates\KB947864-IE7\msrating.dll (Microsoft Corporation)

[2] 2008-03-01 08:06:28 193024 C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll (Microsoft Corporation)

[2] 2008-04-22 23:16:28 193024 C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll (Microsoft Corporation)

[2] 2008-06-23 11:57:39 193024 C:\WINDOWS\ie7updates\KB956390-IE7\msrating.dll (Microsoft Corporation)

[2] 2008-08-26 02:24:30 193024 C:\WINDOWS\ie7updates\KB958215-IE7\msrating.dll (Microsoft Corporation)

[2] 2008-10-16 15:38:38 193024 C:\WINDOWS\ie7updates\KB961260-IE7\msrating.dll (Microsoft Corporation)

[2] 2008-12-20 18:15:31 193024 C:\WINDOWS\ie7updates\KB963027-IE7\msrating.dll (Microsoft Corporation)

[2] 2009-02-20 13:09:38 193024 C:\WINDOWS\ie7updates\KB969897-IE7\msrating.dll (Microsoft Corporation)

[2] 2009-04-28 23:56:00 193024 C:\WINDOWS\ie7updates\KB972260-IE7\msrating.dll (Microsoft Corporation)

[2] 2009-06-29 11:12:18 193024 C:\WINDOWS\ie8\msrating.dll (Microsoft Corporation)

[1] 2006-10-17 13:04:50 90112 C:\WINDOWS\ie8\msrating.dll.mui ()

[2] 2008-04-13 19:12:00 146432 C:\WINDOWS\ServicePackFiles\i386\msrating.dll (Microsoft Corporation)

[2] 2004-08-10 06:00:00 60416 C:\WINDOWS\system32\dllcache\msratelc.dll (Microsoft Corporation)

[2] 2009-03-08 04:34:18 193536 C:\WINDOWS\system32\dllcache\msrating.dll (Microsoft Corporation)

[1] 2009-03-08 14:22:30 49152 C:\WINDOWS\system32\en-US\msrating.dll.mui ()

[2] 2004-08-10 06:00:00 60416 C:\WINDOWS\system32\msratelc.dll (Microsoft Corporation)

[2] 2009-03-08 04:34:18 193536 C:\WINDOWS\system32\msrating.dll (Microsoft Corporation)

[1] 2009-03-08 14:22:30 49152 C:\WINDOWS\system32\msrating.dll.mui ()

[2] 2004-08-10 06:00:00 60416 C:\i386\msratelc.dll (Microsoft Corporation)

[2] 2005-09-02 18:52:05 146432 C:\i386\msrating.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\New Microsoft PowerPoint Presentation.ppt

Attempting to restore permissions of : C:\WINDOWS\system32\New Microsoft PowerPoint Presentation.ppt

[1] 2009-08-28 08:56:53 11264 C:\WINDOWS\system32\New Microsoft PowerPoint Presentation.ppt ()



Cannot access: C:\WINDOWS\system32\nscompat.tlb

Attempting to restore permissions of : C:\WINDOWS\system32\nscompat.tlb

[1] 2009-08-25 07:28:59 23392 C:\WINDOWS\system32\nscompat.tlb ()

[1] 2005-08-16 05:42:52 23392 C:\i386\nscompat.tlb ()



Cannot access: C:\WINDOWS\system32\PortableDeviceApi.dll

Attempting to restore permissions of : C:\WINDOWS\system32\PortableDeviceApi.dll

[1] 2006-10-18 21:47:18 284160 C:\WINDOWS\system32\PortableDeviceApi.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\PortableDeviceClassExtension.dll

Attempting to restore permissions of : C:\WINDOWS\system32\PortableDeviceClassExtension.dll

[1] 2006-10-18 21:47:18 101888 C:\WINDOWS\system32\PortableDeviceClassExtension.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\PortableDeviceTypes.dll

Attempting to restore permissions of : C:\WINDOWS\system32\PortableDeviceTypes.dll

[1] 2006-10-18 21:47:18 166912 C:\WINDOWS\system32\PortableDeviceTypes.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\PortableDeviceWiaCompat.dll

Attempting to restore permissions of : C:\WINDOWS\system32\PortableDeviceWiaCompat.dll

[1] 2006-10-18 21:47:18 132096 C:\WINDOWS\system32\PortableDeviceWiaCompat.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\PortableDeviceWMDRM.dll

Attempting to restore permissions of : C:\WINDOWS\system32\PortableDeviceWMDRM.dll

[1] 2006-10-18 21:47:18 199168 C:\WINDOWS\system32\PortableDeviceWMDRM.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\prntvpt.dll

Attempting to restore permissions of : C:\WINDOWS\system32\prntvpt.dll

[1] 2008-07-06 07:06:10 117760 C:\WINDOWS\system32\prntvpt.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.inf

Attempting to restore permissions of : C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.inf

[1] 2004-08-10 06:00:00 4433 C:\WINDOWS\$NtServicePackUninstall$\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\inf\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\ServicePackFiles\i386\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.inf ()

[1] 2004-08-10 06:00:00 4433 C:\i386\hidserv.inf ()



Cannot access: C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.PNF

Attempting to restore permissions of : C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.PNF

[1] 2009-02-28 13:52:20 12720 C:\WINDOWS\inf\hidserv.PNF ()

[1] 2009-02-28 13:52:20 12720 C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.PNF ()

[1] 2009-02-28 13:52:20 12720 C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.PNF ()



Cannot access: C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\hidserv.dll

Attempting to restore permissions of : C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\hidserv.dll

[1] 2008-04-13 19:11:54 21504 C:\WINDOWS\ServicePackFiles\i386\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\dllcache\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\hidserv.dll ()

[2] 2008-04-13 18:11:54 21504 C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1\A0000071.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.inf

Attempting to restore permissions of : C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.inf

[1] 2004-08-10 06:00:00 4433 C:\WINDOWS\$NtServicePackUninstall$\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\inf\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\ServicePackFiles\i386\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.inf ()

[1] 2008-04-13 11:28:29 4433 C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.inf ()

[1] 2004-08-10 06:00:00 4433 C:\i386\hidserv.inf ()



Cannot access: C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.PNF

Attempting to restore permissions of : C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.PNF

[1] 2009-02-28 13:52:20 12720 C:\WINDOWS\inf\hidserv.PNF ()

[1] 2009-02-28 13:52:20 12720 C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hidserv.PNF ()

[1] 2009-02-28 13:52:20 12720 C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hidserv.PNF ()



Cannot access: C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\hidserv.dll

Attempting to restore permissions of : C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\hidserv.dll

[1] 2008-04-13 19:11:54 21504 C:\WINDOWS\ServicePackFiles\i386\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\dllcache\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\hidserv.dll (Microsoft Corporation)

[1] 2008-04-13 18:11:54 21504 C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\hidserv.dll (Microsoft Corporation)

[2] 2008-04-13 18:11:54 21504 C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1\A0000071.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\rgb9rast_2.dll

Attempting to restore permissions of : C:\WINDOWS\system32\rgb9rast_2.dll

[1] 2006-08-24 16:15:06 150808 C:\WINDOWS\system32\rgb9rast_2.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\spmsg.dll

Attempting to restore permissions of : C:\WINDOWS\system32\spmsg.dll

[1] 2004-10-14 13:34:46 7168 C:\WINDOWS\$hf_mig$\KB873339\spmsg.dll (Microsoft Corporation)

[1] 2004-11-30 17:29:47 7168 C:\WINDOWS\$hf_mig$\KB885250\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 13:34:46 7168 C:\WINDOWS\$hf_mig$\KB885835\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 12:34:52 7168 C:\WINDOWS\$hf_mig$\KB885836\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 13:34:51 7168 C:\WINDOWS\$hf_mig$\KB886185\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 13:34:51 7168 C:\WINDOWS\$hf_mig$\KB887472\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 11:34:52 7168 C:\WINDOWS\$hf_mig$\KB887742\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 13:34:46 7168 C:\WINDOWS\$hf_mig$\KB888113\spmsg.dll (Microsoft Corporation)

[1] 2004-11-30 15:46:38 7168 C:\WINDOWS\$hf_mig$\KB888302\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB890046\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 13:34:46 7168 C:\WINDOWS\$hf_mig$\KB890175\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 20:35:06 14048 C:\WINDOWS\$hf_mig$\KB890859\spmsg.dll (Microsoft Corporation)

[1] 2004-10-14 13:34:46 7168 C:\WINDOWS\$hf_mig$\KB891781\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB893756\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB894391\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB896358\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB896422\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB896423\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB896424\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB896428\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB896688\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB899587\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB899588\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB899589\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB899591\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB900485\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB900725\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB901017\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB902400\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB904942\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 22:35:05 14048 C:\WINDOWS\$hf_mig$\KB905414\spmsg.dll (Microsoft Corporation)

[1] 2005-02-24 21:35:06 14048 C:\WINDOWS\$hf_mig$\KB905749\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB905915\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB908519\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB908531\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB910437\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB911280\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB911562\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB911567\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB911927\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB912919\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB913446\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB913580\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB914388\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB914389\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB915865\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB916595\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB917159\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB917344\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB917422\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB917953\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB918118\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB918439\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB919007\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB920214\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB920670\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB920683\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB920685\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB920872\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB921398\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB921503\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB921883\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB922582\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB922616\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB922819\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB923414\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB923561\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB923694\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB923980\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB924191\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB924270\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB925486\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB925902\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB926255\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:16:49 14048 C:\WINDOWS\$hf_mig$\KB926436\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB927779\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB927802\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB927891\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB928255\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB928843\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB929123\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB929969\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB930178\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB930916\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB931261\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB931768-IE7\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB931836\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB933360\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB933566-IE7\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB935839\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB935840\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB936021\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB936357\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB937143-IE7\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB938127-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB938464\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\$hf_mig$\KB938828\spmsg.dll (Microsoft Corporation)

[1] 2006-01-19 14:29:19 14048 C:\WINDOWS\$hf_mig$\KB938829\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB946648\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:33 14048 C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:33 14048 C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:33 14048 C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB951066\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB951978\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB952004\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB952287\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:33 14048 C:\WINDOWS\$hf_mig$\KB953838-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB953839\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB954211\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB954459\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB954600\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB955069\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB955839\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB956390-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB956391\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB956572\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB956744\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB956802\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB956803\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB956841\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB957095\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB957097\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:33 14048 C:\WINDOWS\$hf_mig$\KB958215-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB958644\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB958687\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB958690\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB959426\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\$hf_mig$\KB960225\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:33 14048 C:\WINDOWS\$hf_mig$\KB960714-IE7\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB960715\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB960803\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB960859\spmsg.dll (Microsoft Corporation)

[1] 2007-03-05 20:22:36 14048 C:\WINDOWS\$hf_mig$\KB961260-IE7\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB961371\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB961373\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB961501\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB963027-IE7\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB967715\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB968389\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB968537\spmsg.dll (Microsoft Corporation)

[1] 2008-07-09 02:38:24 17272 C:\WINDOWS\$hf_mig$\KB969897-IE7\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB969898\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 07:39:22 17272 C:\WINDOWS\$hf_mig$\KB970238\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB971557\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB971633\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB971657\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB972260-IE7\spmsg.dll (Microsoft Corporation)

[1] 2009-05-26 06:40:52 17272 C:\WINDOWS\$hf_mig$\KB972260-IE8\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB973346\spmsg.dll (Microsoft Corporation)

[1] 2009-05-26 06:40:52 17272 C:\WINDOWS\$hf_mig$\KB973354\spmsg.dll (Microsoft Corporation)

[1] 2009-05-26 06:40:52 17272 C:\WINDOWS\$hf_mig$\KB973507\spmsg.dll (Microsoft Corporation)

[1] 2009-05-26 06:40:52 17272 C:\WINDOWS\$hf_mig$\KB973815\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB973869\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\$hf_mig$\KB973874-IE8\spmsg.dll (Microsoft Corporation)

[1] 2007-10-27 16:39:36 13536 C:\WINDOWS\SoftwareDistribution\Download\0eee9353a41e1ffb7bc4207f5acf499f\spmsg.dll (Microsoft Corporation)

[1] 2007-07-27 09:41:40 16760 C:\WINDOWS\SoftwareDistribution\Download\0f4651f0d7e6cb55f0a983df3c4744d0\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\SoftwareDistribution\Download\0facce6115ab861022eae3087e064a2a\spmsg.dll (Microsoft Corporation)

[1] 2007-07-27 10:41:40 16760 C:\WINDOWS\SoftwareDistribution\Download\122ece420ea2cadf18cdf04c90b6d8f1\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\SoftwareDistribution\Download\12e31c1143e5f70785d44c867e7b3e13\spmsg.dll (Microsoft Corporation)

[1] 2005-10-12 18:12:25 14048 C:\WINDOWS\SoftwareDistribution\Download\355f788b6de8a3ec79e9aa172e6317f1\spmsg.dll (Microsoft Corporation)

[1] 2009-05-26 06:40:52 17272 C:\WINDOWS\SoftwareDistribution\Download\4f16665ac0e64727d0b09512c7b6d40c\spmsg.dll (Microsoft Corporation)

[1] 2008-07-08 08:02:01 17272 C:\WINDOWS\SoftwareDistribution\Download\555558d2c7916b118ad5baef62b18136\spmsg.dll (Microsoft Corporation)

[1] 2007-11-30 06:18:51 17272 C:\WINDOWS\SoftwareDistribution\Download\6b4e49f1a78b9558feeb103a07b06a32\spmsg.dll (Microsoft Corporation)

[1] 2005-06-28 10:20:24 13536 C:\WINDOWS\SoftwareDistribution\Download\7e70d7f1344368369315f2c9066e4c9c\spmsg.dll (Microsoft Corporation)

[1] 2009-05-26 06:40:52 17272 C:\WINDOWS\SoftwareDistribution\Download\8aff2c132bea63255d1cab83ef37c507\spmsg.dll (Microsoft Corporation)

[1] 2005-06-28 10:20:24 13536 C:\WINDOWS\SoftwareDistribution\Download\c962147e4dae17cf1ccf121c9ee6bae1\spmsg.dll (Microsoft Corporation)

[1] 2007-07-27 10:41:40 16760 C:\WINDOWS\SoftwareDistribution\Download\d78980f289ff5cbd790156e5d1e92d28\spmsg.dll (Microsoft Corporation)

[1] 2005-10-13 14:22:46 14048 C:\WINDOWS\SoftwareDistribution\Download\e78701f4553c7b8bd23d126e11cef688\spmsg.dll (Microsoft Corporation)

[1] 2009-01-07 18:20:58 16928 C:\WINDOWS\system32\spmsg.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

Attempting to restore permissions of : C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

[1] 2008-07-06 05:50:03 597504 C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe (Microsoft Corporation)

[1] 2008-07-06 05:50:03 597504 C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\spupdsvc.exe

Attempting to restore permissions of : C:\WINDOWS\system32\spupdsvc.exe

[1] 2005-02-24 22:35:05 22752 C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe (Microsoft Corporation)

[1] 2007-07-27 10:41:38 26488 C:\WINDOWS\SoftwareDistribution\Download\122ece420ea2cadf18cdf04c90b6d8f1\spupdsvc.exe (Microsoft Corporation)

[1] 2005-06-28 10:21:34 22752 C:\WINDOWS\SoftwareDistribution\Download\c962147e4dae17cf1ccf121c9ee6bae1\spupdsvc.exe (Microsoft Corporation)

[1] 2005-10-13 14:22:46 22752 C:\WINDOWS\SoftwareDistribution\Download\e78701f4553c7b8bd23d126e11cef688\spupdsvc.exe (Microsoft Corporation)

[1] 2009-01-07 18:21:00 26144 C:\WINDOWS\system32\spupdsvc.exe (Microsoft Corporation)

[1] 2005-09-26 16:04:42 22752 C:\i386\spupdsvc.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\TuneUpDefragService.exe

Attempting to restore permissions of : C:\WINDOWS\system32\TuneUpDefragService.exe

[1] 2009-08-24 22:39:26 355584 C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)



Cannot access: C:\WINDOWS\system32\uxtuneup.dll

Attempting to restore permissions of : C:\WINDOWS\system32\uxtuneup.dll

[1] 2008-05-29 09:28:54 28416 C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)



Cannot access: C:\WINDOWS\system32\wbem\Logs\FrameWork.log

Attempting to restore permissions of : C:\WINDOWS\system32\wbem\Logs\FrameWork.log

[1] 2009-08-30 21:12:46 25711 C:\WINDOWS\system32\wbem\Logs\FrameWork.log ()

[1] 2006-02-22 14:05:52 611 C:\i386\FrameWork.log ()



Cannot access: C:\WINDOWS\system32\wbem\Logs\mofcomp.log

Attempting to restore permissions of : C:\WINDOWS\system32\wbem\Logs\mofcomp.log

[1] 2009-08-29 18:36:35 3791 C:\WINDOWS\system32\wbem\Logs\mofcomp.log ()

[1] 2006-02-19 14:00:11 22060 C:\i386\mofcomp.log ()



Cannot access: C:\WINDOWS\system32\wdfcoinstaller01005.dll

Attempting to restore permissions of : C:\WINDOWS\system32\wdfcoinstaller01005.dll

[1] 2009-05-09 01:14:52 1418120 C:\WINDOWS\system32\wdfcoinstaller01005.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\wmpeffects.dll

Attempting to restore permissions of : C:\WINDOWS\system32\wmpeffects.dll

[1] 2006-10-18 21:47:20 295936 C:\WINDOWS\$NtUninstallKB954154_WM11$\wmpeffects.dll (Microsoft Corporation)

[1] 2008-06-24 18:12:58 295936 C:\WINDOWS\SoftwareDistribution\Download\d78980f289ff5cbd790156e5d1e92d28\wm11\wmpeffects.dll (Microsoft Corporation)

[1] 2008-06-24 18:12:58 295936 C:\WINDOWS\system32\wmpeffects.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\wmpmde.dll

Attempting to restore permissions of : C:\WINDOWS\system32\wmpmde.dll

[1] 2006-10-18 21:47:20 613376 C:\WINDOWS\system32\wmpmde.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\wmpps.dll

Attempting to restore permissions of : C:\WINDOWS\system32\wmpps.dll

[1] 2006-10-18 21:47:20 130048 C:\WINDOWS\system32\wmpps.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WMVDECOD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WMVDECOD.dll

[1] 2006-10-18 21:47:22 1543680 C:\WINDOWS\system32\WMVDECOD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WMVENCOD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WMVENCOD.dll

[1] 2006-10-18 21:47:22 1574912 C:\WINDOWS\system32\WMVENCOD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WMVSDECD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WMVSDECD.dll

[1] 2006-10-18 21:47:22 1382912 C:\WINDOWS\system32\WMVSDECD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WMVSENCD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WMVSENCD.dll

[1] 2006-10-18 21:47:22 767488 C:\WINDOWS\system32\WMVSENCD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WMVXENCD.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WMVXENCD.dll

[1] 2006-10-18 21:47:22 656896 C:\WINDOWS\system32\WMVXENCD.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WpdShext.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WpdShext.dll

[1] 2006-10-18 21:47:22 2603008 C:\WINDOWS\system32\WpdShext.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\wpdshextres.dll

Attempting to restore permissions of : C:\WINDOWS\system32\wpdshextres.dll

[1] 2006-10-18 21:47:22 38400 C:\WINDOWS\system32\wpdshextres.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WPDShServiceObj.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WPDShServiceObj.dll

[1] 2006-10-18 21:47:22 133632 C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WUDFCoinstaller.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WUDFCoinstaller.dll

[1] 2006-09-28 20:13:26 95344 C:\WINDOWS\system32\WUDFCoinstaller.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WudfHost.exe

Attempting to restore permissions of : C:\WINDOWS\system32\WudfHost.exe

[1] 2006-09-28 18:56:38 146432 C:\WINDOWS\system32\WudfHost.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WudfPlatform.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WudfPlatform.dll

[1] 2006-09-28 18:56:16 165376 C:\WINDOWS\system32\WudfPlatform.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WudfSvc.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WudfSvc.dll

[1] 2006-09-28 18:56:14 55808 C:\WINDOWS\system32\WudfSvc.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\WUDFx.dll

Attempting to restore permissions of : C:\WINDOWS\system32\WUDFx.dll

[1] 2006-09-28 18:56:38 316416 C:\WINDOWS\system32\WUDFx.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\xpsshhdr.dll

Attempting to restore permissions of : C:\WINDOWS\system32\xpsshhdr.dll

[1] 2008-07-06 07:06:10 575488 C:\WINDOWS\system32\dllcache\xpsshhdr.dll (Microsoft Corporation)

[1] 2008-07-06 07:06:10 575488 C:\WINDOWS\system32\xpsshhdr.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\system32\xpssvcs.dll

Attempting to restore permissions of : C:\WINDOWS\system32\xpssvcs.dll

[1] 2008-07-06 07:06:10 1676288 C:\WINDOWS\system32\dllcache\xpssvcs.dll (Microsoft Corporation)

[1] 2008-07-06 07:06:10 1676288 C:\WINDOWS\system32\xpssvcs.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\tabletoc.log

Attempting to restore permissions of : C:\WINDOWS\tabletoc.log

[1] 2009-08-30 03:01:23 4665 C:\WINDOWS\tabletoc.log ()



Cannot access: C:\WINDOWS\Tasks\1-Click Maintenance.job

Attempting to restore permissions of : C:\WINDOWS\Tasks\1-Click Maintenance.job

[1] 2009-08-24 22:39:29 502 C:\WINDOWS\Tasks\1-Click Maintenance.job ()



Cannot access: C:\WINDOWS\Temp\Perflib_Perfdata_be4.dat

Attempting to restore permissions of : C:\WINDOWS\Temp\Perflib_Perfdata_be4.dat

[1] 2009-08-30 17:55:21 16384 C:\WINDOWS\Temp\Perflib_Perfdata_be4.dat ()



Cannot access: C:\WINDOWS\Temp\Perflib_Perfdata_be8.dat

Attempting to restore permissions of : C:\WINDOWS\Temp\Perflib_Perfdata_be8.dat

[1] 2009-08-30 18:02:59 16384 C:\WINDOWS\Temp\Perflib_Perfdata_be8.dat ()



Cannot access: C:\WINDOWS\Temp\WGANotify.settings

Attempting to restore permissions of : C:\WINDOWS\Temp\WGANotify.settings

[1] 2009-08-30 19:50:13 409 C:\WINDOWS\Temp\WGANotify.settings ()



Cannot access: C:\WINDOWS\tsoc.log

Attempting to restore permissions of : C:\WINDOWS\tsoc.log

[1] 2009-08-30 03:01:23 42318 C:\WINDOWS\tsoc.log ()



Cannot access: C:\WINDOWS\updspapi.log

Attempting to restore permissions of : C:\WINDOWS\updspapi.log

[1] 2009-08-25 21:33:12 47778 C:\WINDOWS\updspapi.log ()



Cannot access: C:\WINDOWS\Wdf01005Inst.log

Attempting to restore permissions of : C:\WINDOWS\Wdf01005Inst.log

[1] 2009-08-24 23:07:48 33581 C:\WINDOWS\Wdf01005Inst.log ()



Cannot access: C:\WINDOWS\WMFDist11.log

Attempting to restore permissions of : C:\WINDOWS\WMFDist11.log

[1] 2009-08-25 07:27:30 30760 C:\WINDOWS\WMFDist11.log ()



Cannot access: C:\WINDOWS\wmp11.log

Attempting to restore permissions of : C:\WINDOWS\wmp11.log

[1] 2009-08-25 07:29:05 20081 C:\WINDOWS\wmp11.log ()



Cannot access: C:\WINDOWS\wmsetup.log

Attempting to restore permissions of : C:\WINDOWS\wmsetup.log

[1] 2009-08-25 07:44:43 13486 C:\WINDOWS\wmsetup.log ()



Cannot access: C:\WINDOWS\wmsetup10.log

Attempting to restore permissions of : C:\WINDOWS\wmsetup10.log

[1] 2009-08-25 07:29:04 2099 C:\WINDOWS\wmsetup10.log ()



Cannot access: C:\WINDOWS\Wudf01000Inst.log

Attempting to restore permissions of : C:\WINDOWS\Wudf01000Inst.log

[1] 2009-08-25 07:26:00 14709 C:\WINDOWS\Wudf01000Inst.log ()





Finished!

Re-download combofix run it and post the log
After disabling your antivirus program, dont forget to re-enable before getting back on the internet
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Also mention any current problems

Lonny, this puter has multiple accounts. When I try to install ZoneAlarm it will only work on the account that I install it on. I get an error message when logging in to any other account. Other than that, no other problem that I can see.

How many accounts and what type are they ?
You installed za when in what account ? Administrator i assume ?

Run Win32kDiag again but without the switchs, just double click Win32kDiag.exe , post the log please.

This is a family puter with five accounts, all have administrator privileges. ZA was installed on one account, but when I logged in to another account , I get an error.

I ran the Win32kDiag. It ran for a while but I got the error that I got when I first ran it.



Log file is located at: C:\Documents and Settings\Lee Elizabeth\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Cannot access: C:\WINDOWS\ERDNT\subs\software.LOG

[1] 2009-08-29 07:35:40 1024 C:\WINDOWS\ERDNT\subs\software.LOG ()

[1] 2009-09-01 19:53:30 1024 C:\WINDOWS\system32\config\software.LOG ()



Cannot access: C:\WINDOWS\ERDNT\subs\SYSTEM

Download and run this MS fixit tool
How do I restore security settings to the default settings: http://support.microsoft.com/kb/313222
Restart your PC afterwards

Disconnect from the internet and disable your antivirus program (dont forget to re-enable afterwards)
Launch Notepad (Important, not wordpad or other third party text editor), and copy and paste the contents
of the code box below into a new text file. (dont include the word code)
Save it as file name: cfscript.txt


As in the picture above drag and drop cfscript.txt onto combofix.exe
when it is finished a text will open, post it.


Run Win32kDiag again and post its log, should be no errors this time ?

Well Lonny, I think that did it. ZA installed and ran with no problems on all accounts and no error messages at all... so far.


ComboFix 09-08-31.03 - Lee Elizabeth 09/02/2009 4:41.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.574 [GMT -5:00]
Running from: c:\documents and settings\Lee Elizabeth\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lee Elizabeth\Desktop\cfscript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::
"c:\downloads\SeaWorldTycoon-dm[1].exe"
"c:\windows\system32\drivers\uedh.sys"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\images
c:\windows\system32\images\i1.gif
c:\windows\system32\images\i2.gif
c:\windows\system32\images\i3.gif
c:\windows\system32\images\j1.gif
c:\windows\system32\images\j2.gif
c:\windows\system32\images\j3.gif
c:\windows\system32\images\jj1.gif
c:\windows\system32\images\jj2.gif
c:\windows\system32\images\jj3.gif
c:\windows\system32\images\l1.gif
c:\windows\system32\images\l2.gif
c:\windows\system32\images\l3.gif
c:\windows\system32\images\pix.gif
c:\windows\system32\images\t1.gif
c:\windows\system32\images\t2.gif
c:\windows\system32\images\up1.gif
c:\windows\system32\images\up2.gif
c:\windows\system32\images\w1.gif
c:\windows\system32\images\w11.gif
c:\windows\system32\images\w2.gif
c:\windows\system32\images\w3.gif
c:\windows\system32\images\w3.jpg
c:\windows\system32\images\wt1.gif
c:\windows\system32\images\wt2.gif
c:\windows\system32\images\wt3.gif

.
--------------- FCopy ---------------

c:\windows\ServicePackFiles\i386\eventlog.dll --> c:\windows\system32\eventlog.dll
.
((((((((((((((((((((((((( Files Created from 2009-08-02 to 2009-09-02 )))))))))))))))))))))))))))))))
.

2009-09-02 09:41 . 2008-04-14 00:11 56320 ----a-w- c:\windows\system32\eventlog.dll
2009-09-02 09:41 . 2008-04-14 00:11 56320 ----a-w- c:\windows\system32\dllcache\eventlog.dll
2009-09-02 00:39 . 2009-09-02 00:39 -------- d-----w- c:\program files\Zone Labs
2009-09-01 23:55 . 2009-09-01 23:55 -------- d-----w- c:\documents and settings\Jeannie\Application Data\TuneUp Software
2009-09-01 23:46 . 2009-09-01 23:46 -------- d-----w- c:\program files\CleanUp!
2009-09-01 00:42 . 2009-09-01 01:49 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-09-01 00:40 . 2009-09-02 01:10 -------- d-----w- c:\windows\Internet Logs
2009-08-31 23:23 . 2009-08-31 23:23 -------- d-sh--w- c:\documents and settings\Tori\IETldCache
2009-08-30 22:33 . 2009-07-28 21:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-30 22:33 . 2009-03-30 15:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-30 22:33 . 2009-02-13 17:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-30 22:33 . 2009-02-13 17:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-30 22:33 . 2009-08-30 22:33 -------- d-----w- c:\program files\Avira
2009-08-30 22:33 . 2009-08-30 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-08-30 15:21 . 2009-08-30 15:21 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\Blitware
2009-08-30 15:13 . 2009-08-30 15:13 -------- d-----w- C:\New Folder (2)
2009-08-30 15:13 . 2009-08-30 15:13 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-30 15:00 . 2009-08-30 15:00 -------- d-----w- C:\New Folder
2009-08-30 14:12 . 2009-08-30 14:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\TuneUp Software
2009-08-30 13:43 . 2009-08-30 13:43 -------- d-----w- C:\AVGTemp
2009-08-29 20:48 . 2009-08-29 20:48 -------- d-----w- c:\documents and settings\Lee Elizabeth\Local Settings\Application Data\PCHealth
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\MSBuild
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\Reference Assemblies
2009-08-29 20:37 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-29 20:37 . 2008-07-06 12:06 117760 ----a-w- c:\windows\system32\prntvpt.dll
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- C:\7ae3c67497fdd3d758125a
2009-08-29 20:37 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\xpsshhdr.dll
2009-08-29 20:37 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-29 20:37 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2009-08-29 20:37 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-29 20:37 . 2008-07-06 10:50 597504 ----a-w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-29 15:17 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-08-29 15:17 . 2009-08-29 15:17 -------- d-----w- c:\program files\Panda Security
2009-08-29 12:35 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-08-28 19:23 . 2009-08-28 19:23 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-08-28 18:54 . 2009-08-28 18:54 -------- d-sh--w- c:\documents and settings\Jeannie\PrivacIE
2009-08-28 18:48 . 2009-08-28 18:48 -------- d-sh--w- c:\documents and settings\Jeannie\IETldCache
2009-08-28 18:18 . 2009-08-28 18:18 -------- d-----w- c:\windows\system32\Adobe
2009-08-28 18:14 . 2009-08-29 14:43 -------- d-----w- c:\program files\FileHippo.com
2009-08-28 16:18 . 2009-08-28 16:18 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-28 16:16 . 2009-08-28 16:16 -------- d-----w- c:\program files\Sophos
2009-08-28 15:06 . 2009-08-28 15:06 -------- d-sh--w- c:\documents and settings\Lee Elizabeth\PrivacIE
2009-08-28 14:07 . 2009-08-28 14:07 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-08-26 02:43 . 2009-08-26 02:43 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-26 02:42 . 2009-08-26 02:42 -------- d-sh--w- c:\documents and settings\Lee Elizabeth\IETldCache
2009-08-26 02:33 . 2009-08-07 08:48 100352 ----a-w- c:\windows\system32\dllcache\iecompat.dll
2009-08-26 02:33 . 2009-08-26 02:33 -------- d-----w- c:\windows\ie8updates
2009-08-26 02:32 . 2009-07-03 17:09 12800 ----a-w- c:\windows\system32\dllcache\xpshims.dll
2009-08-26 02:32 . 2009-07-03 17:09 246272 ----a-w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-26 02:30 . 2009-08-26 02:32 -------- dc-h--w- c:\windows\ie8
2009-08-26 02:05 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-08-26 02:05 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-08-26 02:05 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-08-26 02:05 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-08-26 02:05 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-08-26 02:03 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-08-26 02:03 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-08-26 02:03 . 2004-08-04 02:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-08-26 02:03 . 2004-08-04 02:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-08-26 02:03 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2009-08-26 02:00 . 2004-08-04 02:29 19551 ----a-w- c:\windows\system32\dllcache\watv02nt.sys
2009-08-26 01:59 . 2001-08-17 18:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2009-08-26 01:58 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2009-08-26 01:57 . 2001-08-18 03:36 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2009-08-26 01:56 . 2001-08-17 19:56 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll
2009-08-26 01:55 . 2001-08-18 03:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll
2009-08-26 01:54 . 2001-08-17 17:12 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2009-08-26 01:53 . 2001-07-21 19:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys
2009-08-26 01:52 . 2001-08-17 19:56 245632 ----a-w- c:\windows\system32\dllcache\s3savmx.dll
2009-08-26 01:51 . 2001-08-17 17:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2009-08-26 01:50 . 2001-08-17 18:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2009-08-26 01:49 . 2001-08-18 03:36 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2009-08-26 01:48 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-08-26 01:48 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-08-26 01:48 . 2008-04-13 17:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2009-08-26 01:48 . 2001-08-17 17:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-08-26 01:48 . 2001-08-17 17:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-08-26 01:48 . 2001-08-17 17:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-08-26 01:48 . 2004-08-10 11:00 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll
2009-08-26 01:48 . 2004-08-04 02:31 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-08-26 01:48 . 2001-08-17 17:11 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2009-08-26 01:48 . 2001-08-17 17:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2009-08-26 01:48 . 2001-08-18 03:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2009-08-26 01:48 . 2001-08-17 18:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2009-08-26 01:46 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2009-08-26 01:45 . 2004-08-04 02:39 20864 ----a-w- c:\windows\system32\dllcache\lwadihid.sys
2009-08-26 01:44 . 2008-04-13 23:09 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2009-08-26 01:43 . 2001-08-18 03:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2009-08-26 01:42 . 2001-08-17 18:28 391199 ----a-w- c:\windows\system32\dllcache\hsf_k56k.sys
2009-08-26 01:41 . 2001-08-17 18:28 907456 ----a-w- c:\windows\system32\dllcache\hcf_msft.sys
2009-08-26 01:40 . 2001-08-18 03:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll
2009-08-26 01:39 . 2001-08-17 17:10 19996 ----a-w- c:\windows\system32\dllcache\em556n4.sys
2009-08-26 01:38 . 2001-08-18 03:36 110621 ----a-w- c:\windows\system32\dllcache\digirlpt.dll
2009-08-26 01:37 . 2004-08-10 11:00 18944 ----a-w- c:\windows\system32\dllcache\cprofile.exe
2009-08-26 01:36 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-08-26 01:35 . 2001-08-17 17:11 27678 ----a-w- c:\windows\system32\dllcache\ali5261.sys
2009-08-25 18:12 . 2004-08-10 11:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2009-08-25 18:12 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-08-25 18:12 . 2004-08-10 11:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-08-25 18:12 . 2004-08-10 11:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2009-08-25 18:12 . 2004-08-10 11:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2009-08-25 18:12 . 2004-08-10 11:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2009-08-25 18:12 . 2004-08-10 11:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2009-08-25 18:12 . 2004-08-10 11:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2009-08-25 17:15 . 2009-08-25 17:15 -------- d--h--w- c:\windows\PIF
2009-08-25 12:28 . 2009-08-25 12:28 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-25 12:25 . 2009-08-25 12:26 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-08-25 11:37 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-25 10:51 . 2009-08-25 10:51 152576 ----a-w- c:\documents and settings\Lee Elizabeth\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-25 10:50 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-25 10:49 . 2009-08-25 10:49 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-25 10:49 . 2009-07-08 17:28 2920112 -c--a-w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-25 10:49 . 2009-08-25 10:49 -------- d-----w- c:\program files\Lavasoft
2009-08-25 10:49 . 2009-08-25 10:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-25 03:39 . 2009-08-25 03:39 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-25 03:39 . 2008-05-29 14:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\TuneUp Software
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\program files\TuneUp Utilities 2008
2009-08-25 03:38 . 2009-09-02 09:34 -------- d-sh--w- c:\windows\Installer
2009-08-25 03:38 . 2009-08-25 03:38 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-25 03:36 . 2009-08-25 03:36 -------- d-----w- c:\program files\WinASO
2009-08-25 02:46 . 2009-08-25 04:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-25 02:46 . 2009-08-25 02:50 -------- d-----w- c:\program files\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-31 00:46 . 2006-03-10 00:21 25672 ----a-w- c:\documents and settings\Jeannie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-30 02:31 . 2009-03-01 00:16 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\Winamp
2009-08-30 02:27 . 2009-03-01 00:16 -------- d-----w- c:\program files\Winamp
2009-08-29 20:45 . 2006-08-25 17:28 25672 ----a-w- c:\documents and settings\Lee Elizabeth\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-25 10:52 . 2006-02-19 18:57 -------- d-----w- c:\program files\Java
2009-08-25 04:10 . 2009-08-25 04:10 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-08-25 04:07 . 2009-08-25 04:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-08-25 01:17 . 2009-03-24 20:26 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\LimeWire
2009-08-20 12:00 . 2008-12-30 18:26 -------- d-----w- c:\documents and settings\Jorgi\Application Data\LimeWire
2009-08-16 20:45 . 2008-12-25 23:55 -------- d-----w- c:\documents and settings\Tori\Application Data\LimeWire
2009-08-07 15:02 . 2006-02-19 19:04 -------- d-----w- c:\program files\Sonic
2009-08-05 09:01 . 2005-08-16 10:18 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-28 16:24 . 2009-03-28 21:53 -------- d-----w- c:\documents and settings\Tori\Application Data\Winamp
2009-07-25 10:23 . 2009-01-08 12:41 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-24 04:15 . 2006-09-13 23:42 -------- d-----w- c:\program files\Yahoo! Games
2009-07-17 19:01 . 2005-08-16 10:18 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 04:43 . 2005-08-16 10:19 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 18:12 . 2006-06-02 21:02 -------- d-----w- c:\documents and settings\Jorgi\Application Data\AdobeUM
2009-07-03 17:09 . 2005-08-16 10:18 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 08:25 . 2005-08-16 10:18 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2005-08-16 10:18 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2005-08-16 10:18 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2005-08-16 10:18 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:25 . 2005-08-16 10:18 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2005-08-16 10:18 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2005-08-16 10:18 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-19 01:53 . 2009-06-19 01:53 390664 ----a-w- c:\documents and settings\Jeannie\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-16 14:36 . 2005-08-16 10:18 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2005-08-16 10:18 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-14 20:42 . 2006-03-10 00:21 6060 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-06-14 20:42 . 2006-03-10 00:21 104 --sha-r- c:\windows\system32\94E1B6264F.sys
2009-06-12 12:31 . 2005-08-16 10:18 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2005-08-16 10:18 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:19 . 2005-08-16 10:37 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2005-08-16 10:18 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2005-08-16 10:18 132096 ----a-w- c:\windows\system32\wkssvc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellTransferAgent"="c:\documents and settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-28 198160]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

c:\documents and settings\Jorgi\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-3-10 139776]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-2-19 24576]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-7-22 151552]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 Achernar;Achernar - SCSI Command Filter Drivers;c:\windows\system32\drivers\Achernar.sys [12/31/2007 2:51 PM 18432]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/25/2009 5:50 AM 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [8/29/2009 10:17 AM 28544]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/30/2009 5:33 PM 108289]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [7/3/2009 9:49 AM 1029456]
S3 CrucialSMBusScan;CrucialSMBusScan;\??\c:\windows\system32\drivers\CrucialSMBusScan.sys --> c:\windows\system32\drivers\CrucialSMBusScan.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\16.tmp --> c:\windows\system32\16.tmp [?]
S3 XDva020;XDva020;\??\c:\windows\system32\XDva020.sys --> c:\windows\system32\XDva020.sys [?]
S3 XDva025;XDva025;\??\c:\windows\system32\XDva025.sys --> c:\windows\system32\XDva025.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MESSENGER
*NewlyCreated* - NETLOGON

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-02 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 14:09]

2009-09-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]

2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://updates.installshield.com/GetUpdates.asp?p={8A9B8148-DDD7-448F-BD6C-358386D32354}&r=6.00&v=ISUA%204.50&u={5E27D894-8535-47EE-915C-B8DA76072191}&l=1033&K=ZCEACA7AFC9CCD7EFC9AC4748495C978FF9AB908F498C97A8CE6B90EFC9ECC01FD9FB500FD
EAC
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: microsoft.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-02 14:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\16.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Avg\Avg8]
@DACL=(02 0000)

[HKEY_USERS\.Default\Software\Mozilla\Firefox]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-3368919324-3204225042-3178880711-1006\Software\Local AppWizard-Generated Applications\MMDiag\Settings]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-3368919324-3204225042-3178880711-1006\Software\Mozilla\Firefox\Extensions]
@DACL=(02 0000)

[HKEY_USERS\S-1-5-21-3368919324-3204225042-3178880711-1006\Software\MusicMatch, Inc.\Musicmatch for WMP\4.0]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\781\351460141E82A7EA]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\BVRP Software, Inc\Digital Line Detect]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\BVRP Software, Inc\NetWaiting]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1A2F8FE9-DD9E-44df-9AC5-7C9D19F65803}\InprocServer32]
@DACL=(02 0000)
"Settings"="&Éc¤ÔiDþLcÖó)çóÉDÂ2ÊeilcÖóÓ)çóÉ¢LÔÌL¢ÊÖó'çóÉc¤Ôi|Lc8ÂciÖó&É2iÂ=ÖóÓ))±çóÉÔ|¢cºÖórçóÉDÂ2Öó$ßzçóÉvÂÊc=L¢8ÂciÖó&É2iÂ=ÖóÓ))±çóÉÔ|¢cºÖóHçóÉDÂ2Öós)zz"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1A2F8FE9-DD9E-44df-9AC5-7C9D19F65803}\ProgID]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Acrobat 6.0\\Reader\\plug_ins\\Accessibility.api"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\ProgID]
@DACL=(02 0000)
@="AcroAccess.AcroAccess.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\Programmable]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\TypeLib]
@DACL=(02 0000)
@="{C523F390-9C83-11D3-9094-00104BD0D535}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{C523F39F-9C83-11D3-9094-00104BD0D535}\VersionIndependentProgID]
@DACL=(02 0000)
@="AcroAccess.AcroAccess"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CA32B636-8FAD-44b2-8D70-E3FB336010C4}\InprocServer32]
@DACL=(02 0000)
"Settings"="&Éc¤ÔiDþLcÖó)çóÉDÂ2ÊeilcÖó$'çóÉ¢LÔÌL¢ÊÖósçóÉc¤Ôi|Lc8ÂciÖó&É2iÂ=ÖóÓ))±çóÉÔ|¢cºÖórçóÉDÂ2ÖóÓÓzçóÉvÂÊc=L¢8ÂciÖó&É2iÂ=ÖóÓ))±çóÉÔ|¢cºÖórçóÉDÂ2ÖóHzz"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{CA32B636-8FAD-44b2-8D70-E3FB336010C4}\ProgID]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\LocalServer32]
@DACL=(02 0000)
@="c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\ProgID]
@DACL=(02 0000)
@="Ypager.Messenger.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\TypeLib]
@DACL=(02 0000)
@="{E5D12C41-7B4F-11D3-B5C9-0050045C3C96}"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}\VersionIndependentProgID]
@DACL=(02 0000)
@="Ypager.Messenger"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9E7587D-871C-4944-9CEE-FDF6F70AAB60}\InprocServer32]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F9E7587D-871C-4944-9CEE-FDF6F70AAB60}\ProgID]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CorelPhotoAlbumPhoto\CLSID]
@DACL=(02 0000)
@="{9824EE63-01DC-11D0-9BEA-00A0246FD2EF}"

[HKEY_LOCAL_MACHINE\software\Classes\CorelPhotoAlbumPhoto\Insertable]
@DACL=(02 0000)
@=""

[HKEY_LOCAL_MACHINE\software\Classes\CorelPhotoAlbumPhoto\protocol]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CorelPhotoAlbumPhoto\shell]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}\ProxyStubClsid]
@DACL=(02 0000)
@="{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}\ProxyStubClsid32]
@DACL=(02 0000)
@="{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}\TypeLib]
@DACL=(02 0000)
@="{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{00A987AE-587B-4343-B826-89F17AB41A03}\1.0]
@DACL=(02 0000)
@="AolCalSvr 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{06645894-E73C-413B-8704-71823A9C39B5}\1.0]
@DACL=(02 0000)
@="Cerberus 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{0B54F548-639F-462F-BCDE-9557B8AB378F}\1.0]
@DACL=(02 0000)
@="AOL CETCtrl 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{16D8D842-6E64-489F-99BB-D6CEF503A74E}\1.0]
@DACL=(02 0000)
@="Xanthe 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{1B8B281E-F67E-4212-8D3B-C98B8AE18DA4}\1.0]
@DACL=(02 0000)
@="Downloader 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{1D5C19A6-7D04-4F46-8A38-34CF3A6CD4FD}\1.0]
@DACL=(02 0000)
@SACL=
@="DIGStream 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{229B78B8-38F5-11D5-9001-00C04F4C3B9F}\1.0]
@DACL=(02 0000)
@="CDDBControl(AOL) 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{292ED6B6-D193-408D-A835-F4AE7D8FBE9A}\1.0]
@DACL=(02 0000)
@="AutoPlayCancel 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{296802FE-345A-4CA4-B941-692B8622CC69}\1.0]
@DACL=(02 0000)
@="AxTrack 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{307DE02D-679A-49B9-B582-6E623BE9386F}\1.0]
@DACL=(02 0000)
@="CoachDM 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{39DC8E5F-A573-4D58-8A13-6877A3B672EA}\1.0]
@DACL=(02 0000)
@="SB 2.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{3D056FE7-EA8E-481A-B18F-0B02EBF6B3C1}\1.0]
@DACL=(02 0000)
@="Google Desktop Search API 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}\1.0]
@DACL=(02 0000)
@="GoogleAFE 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{3F8E02B4-6601-41A2-95E7-6BD102935C55}\1.0]
@DACL=(02 0000)
@="Phobos 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{57B2FD05-64D4-4AD7-A92A-7C32FE50A0F4}\1.0]
@DACL=(02 0000)
@="AOL UPFCtrl 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{59014A8C-D5AA-4A1F-9168-5BE204BE31EA}\1.0]
@DACL=(02 0000)
@="Shockwave Flash"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{64E26A20-8A9E-4B33-9F8D-F3663F13811E}\1.0]
@DACL=(02 0000)
@="AOL Member Expression Wizard Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{7248AE87-4089-4ACB-826C-3502D1DD91EB}\1.0]
@DACL=(02 0000)
@="Shockwave ActiveX Control"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{79C10055-C1B5-4754-AC44-003784AA3A44}\1.0]
@DACL=(02 0000)
@="YGPPicInfo 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{7AD23EB0-96E8-11D2-9893-000092A92198}\1.0]
@DACL=(02 0000)
@="CDJewel 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{7EA87435-9C81-40A2-A835-8ACCA259AE38}\1.0]
@DACL=(02 0000)
@="McAfeeAntiPhishingBHO 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{8D66A700-5DF0-4706-9ACA-FEB467A7A853}\1.0]
@DACL=(02 0000)
@="Ares 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{B162D478-EF46-4475-B1FE-216BDEDB7FAD}\1.0]
@DACL=(02 0000)
@="WildTangent Multiplayer 2.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{B7E20302-C22C-4AF2-9D75-C3EB6EEE9DD8}\1.0]
@DACL=(02 0000)
@="WDMHHost 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{CC491105-58FA-437F-A1CE-CC947B6AFE4F}\1.0]
@DACL=(02 0000)
@="Animation Engine 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{DA2FAE70-6518-4700-A264-3500A380F695}\1.0]
@DACL=(02 0000)
@="ABUI 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{DCCAF17F-7581-4C86-9867-56D9405FAC3F}\1.0]
@DACL=(02 0000)
@="Pathfinder 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{E3852602-B619-11D6-94EC-00047521F020}\1.0]
@DACL=(02 0000)
@="WinAmpXChat 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{E3CDD1C0-806B-4BB1-BCA2-694C558E458F}\2.0]
@DACL=(02 0000)
@="Microsoft Forms 2.0 Object Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{ECAD18F1-CA65-11D6-8A1B-00E029570A3E}\1.0]
@DACL=(02 0000)
@="SAMgr 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0]
@DACL=(02 0000)
@="WebDriver 1.0 Type Library"

[HKEY_LOCAL_MACHINE\software\Classes\VCDLayout.Document\CLSID]
@DACL=(02 0000)
@="{01668F03-0AC4-11CF-AB99-00C0F00683EB}"

[HKEY_LOCAL_MACHINE\software\Classes\VCDLayout.Document\shell]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Clients\Media\MUSICMATCH Jukebox\DefaultIcon]
@DACL=(02 0000)
@="c:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmjblaunch.exe,1"

[HKEY_LOCAL_MACHINE\software\Clients\Media\MUSICMATCH Jukebox\InstallInfo]
@DACL=(02 0000)
"HideIconsCommand"="\"c:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\refreshicon.exe\" /h"
"ShowIconsCommand"="\"c:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\refreshicon.exe\" /s"
"ReinstallCommand"="\"c:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\refreshicon.exe\" /i"
"IconsVisible"=dword:00000001
"OEMShowIcons"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Clients\Media\MUSICMATCH Jukebox\shell]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Disney\DIGStream\Sites]
@DACL=(02 0000)
@SACL=
"ESPNMotion"="http://sports.espn.go.com/espn/espnmotion/ESPNMotionXMLv3"

[HKEY_LOCAL_MACHINE\software\Hexacto\Synchronizer]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\PROSet\SupportTabKey]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\WMI]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Java VM\System Properties]
@DACL=(02 0000)
"http.agent"="Java 1.1"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Monitors]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Player\Schemes]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
"ServiceExtra"="Partner=Dell&MachineID=G14GJ91\00\00????i\00Ÿ'?\06\00'??\1d\00?'\00'\00\00?\06???\06??K\00?\06??\00'??\00'?'\00\00\00\00\00\00?? \00????Ÿ'\00'\00\00\00'?\06???\06?\01\04\00?\06???\06??????????\00'\00\00???????\06\00'??\03\00?'\00'???\06???\06??????????????\0e\00???\06?\06\00\00???????'\00'???\06?\06?\06??\08\00??????Ÿ'????????????Ÿ'???????\06\00'Ÿ'?\06\01\00???'?\06???'?????'????K"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Subscriptions]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{EC9B8ACF-09C1-4C7B-A6BA-F5CBC478CA71}]
@DACL=(02 0000)
"FriendlyName"="res://MMRadioWMPPlugin.dll/RT_STRING/#102"
"Description"="res://MMRadioWMPPlugin.dll/RT_STRING/#103"
"Capabilities"=dword:c2000001

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA]
@DACL=(02 0000)
"PersistentInstall"=dword:00000000
"Directory"="c:\\Program Files\\WildTangent\\Apps\\CDA\\"
"Version"="5.1.0.40"
"MonitorSettings"="0,5,40 0,60,120 3,5,120 3,60,1200 5,86400,21000000 6,86400,500000000 8,5,120 8,60,200 9,5,40 9,60,200 12,5,120 12,60,200 5,1800,500000"
"FileName0400"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0401"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0402"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0403"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0404"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0405"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0406"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0407"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0408"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0409"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0490"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0500"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"FileName0501"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"LaunchCmd"="\"c:\\Program Files\\WildTangent\\Apps\\CDA\\GameDrvr.exe\" \"c:\\Program Files\\WildTangent\\Apps\\CDA\\cdaEngine0501.dll\""
"StartupCmd"="\"c:\\Program Files\\WildTangent\\Apps\\CDA\\GameDrvr.exe\" /startup \"c:\\Program Files\\WildTangent\\Apps\\CDA\\cdaEngine0501.dll\""
"FileName0502"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\DMMP]
@DACL=(02 0000)
"name"="Multiplayer"
"order"="40"
"url"="DMMP/index.html"

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\WildTangent\DDC]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\WildTangent\GameChannel]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\WildTangent\LFS]
@DACL=(02 0000)
"AppConfig"="AppConfig"
"Scripts"="Scripts"
"CDAData"="CDAData"
"TaskStore"="TaskStore"
"WTRoot"="c:\\Program Files\\WildTangent"
"Components"=""
"Apps"="c:\\Program Files\\WildTangent\\Apps"

[HKEY_LOCAL_MACHINE\software\WildTangent\LicenseStores]
@DACL=(02 0000)
"WT"="c:\\Program Files\\WildTangent\\LicenseStores\\WT\\"

[HKEY_LOCAL_MACHINE\software\WildTangent\WebDriverPackages]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\WildTangent\WebDriverPackages\Distributed Multiplayer]
@DACL=(02 0000)
"name"="Multiplayer Support"
"version"="3.0.2.001"

[HKEY_LOCAL_MACHINE\software\WildTangent\WebDriverPackages\WireControl ]
@DACL=(02 0000)
"name"="Game Launcher"
"version"="1.1.0.23"
"installationDirectory"="%WT_APPS%"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2788)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
c:\progra~1\SPYBOT~1\SDHelper.dll
c:\windows\system32\dla\tfswshx.dll
c:\windows\system32\tfswapi.dll
c:\windows\system32\dla\tfswcres.dll
c:\program files\Microsoft Office\Office10\msohev.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-02 14:49 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-02 19:48
ComboFix2.txt 2009-09-01 01:38

Pre-Run: 109,655,822,336 bytes free
Post-Run: 109,611,085,824 bytes free

631 --- E O F --- 2009-09-01 23:06





Log file is located at: C:\Documents and Settings\Lee Elizabeth\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

Good
Go ahead and delete Win32kDiag.exe and text's

One more cfscript

Launch Notepad (Important, not wordpad or other third party text editor), and copy and paste the contents
of the code box below into a new text file. (dont include the word code)
Save it as file name: cfscript.txt

drag and drop cfscript.txt onto combofix.exe
when it is finished a text will open, post it.

ComboFix 09-08-31.03 - Lee Elizabeth 09/03/2009 6:14.4.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.545 [GMT -5:00]
Running from: c:\documents and settings\Lee Elizabeth\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lee Elizabeth\Desktop\cfscript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((( Files Created from 2009-08-03 to 2009-09-03 )))))))))))))))))))))))))))))))
.

2009-09-02 22:10 . 2009-02-16 05:10 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-09-02 22:10 . 2009-02-16 05:10 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-09-02 22:10 . 2009-02-16 05:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-09-02 22:10 . 2009-09-02 22:10 -------- d-----w- c:\windows\system32\ZoneLabs
2009-09-02 22:09 . 2009-09-03 10:44 -------- d-----w- c:\windows\Internet Logs
2009-09-02 22:02 . 2009-09-02 22:02 -------- d-----w- c:\program files\CCleaner
2009-09-02 09:41 . 2008-04-14 00:11 56320 ----a-w- c:\windows\system32\dllcache\eventlog.dll
2009-09-02 09:41 . 2008-04-14 00:11 56320 ------w- c:\windows\system32\eventlog.dll
2009-09-02 00:39 . 2009-09-02 00:39 -------- d-----w- c:\program files\Zone Labs
2009-09-01 23:55 . 2009-09-01 23:55 -------- d-----w- c:\documents and settings\Jeannie\Application Data\TuneUp Software
2009-09-01 23:46 . 2009-09-01 23:46 -------- d-----w- c:\program files\CleanUp!
2009-09-01 00:42 . 2009-09-02 22:10 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-31 23:23 . 2009-08-31 23:23 -------- d-sh--w- c:\documents and settings\Tori\IETldCache
2009-08-30 22:33 . 2009-07-28 21:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-30 22:33 . 2009-03-30 15:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-30 22:33 . 2009-02-13 17:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-30 22:33 . 2009-02-13 17:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-30 22:33 . 2009-08-30 22:33 -------- d-----w- c:\program files\Avira
2009-08-30 22:33 . 2009-08-30 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-08-30 15:21 . 2009-08-30 15:21 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\Blitware
2009-08-30 15:13 . 2009-08-30 15:13 -------- d-----w- C:\New Folder (2)
2009-08-30 15:13 . 2009-08-30 15:13 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-30 15:00 . 2009-08-30 15:00 -------- d-----w- C:\New Folder
2009-08-30 14:12 . 2009-08-30 14:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\TuneUp Software
2009-08-30 13:43 . 2009-08-30 13:43 -------- d-----w- C:\AVGTemp
2009-08-29 20:48 . 2009-08-29 20:48 -------- d-----w- c:\documents and settings\Lee Elizabeth\Local Settings\Application Data\PCHealth
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\MSBuild
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\Reference Assemblies
2009-08-29 20:37 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-29 20:37 . 2008-07-06 12:06 117760 ----a-w- c:\windows\system32\prntvpt.dll
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- C:\7ae3c67497fdd3d758125a
2009-08-29 20:37 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\xpsshhdr.dll
2009-08-29 20:37 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-29 20:37 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2009-08-29 20:37 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-29 20:37 . 2008-07-06 10:50 597504 ----a-w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-29 15:17 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-08-29 15:17 . 2009-08-29 15:17 -------- d-----w- c:\program files\Panda Security
2009-08-29 12:35 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-08-28 19:23 . 2009-08-28 19:23 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-08-28 18:54 . 2009-08-28 18:54 -------- d-sh--w- c:\documents and settings\Jeannie\PrivacIE
2009-08-28 18:48 . 2009-08-28 18:48 -------- d-sh--w- c:\documents and settings\Jeannie\IETldCache
2009-08-28 18:18 . 2009-08-28 18:18 -------- d-----w- c:\windows\system32\Adobe
2009-08-28 18:14 . 2009-08-29 14:43 -------- d-----w- c:\program files\FileHippo.com
2009-08-28 16:18 . 2009-08-28 16:18 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-28 16:16 . 2009-08-28 16:16 -------- d-----w- c:\program files\Sophos
2009-08-28 15:06 . 2009-08-28 15:06 -------- d-sh--w- c:\documents and settings\Lee Elizabeth\PrivacIE
2009-08-28 14:07 . 2009-08-28 14:07 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-08-26 02:43 . 2009-08-26 02:43 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-26 02:42 . 2009-08-26 02:42 -------- d-sh--w- c:\documents and settings\Lee Elizabeth\IETldCache
2009-08-26 02:33 . 2009-08-07 08:48 100352 ----a-w- c:\windows\system32\dllcache\iecompat.dll
2009-08-26 02:33 . 2009-08-26 02:33 -------- d-----w- c:\windows\ie8updates
2009-08-26 02:32 . 2009-07-03 17:09 12800 ----a-w- c:\windows\system32\dllcache\xpshims.dll
2009-08-26 02:32 . 2009-07-03 17:09 246272 ----a-w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-26 02:30 . 2009-08-26 02:32 -------- dc-h--w- c:\windows\ie8
2009-08-26 02:05 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-08-26 02:05 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-08-26 02:05 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-08-26 02:05 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-08-26 02:05 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-08-26 02:03 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-08-26 02:03 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-08-26 02:03 . 2004-08-04 02:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-08-26 02:03 . 2004-08-04 02:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-08-26 02:03 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2009-08-26 02:00 . 2004-08-04 02:29 19551 ----a-w- c:\windows\system32\dllcache\watv02nt.sys
2009-08-26 01:59 . 2001-08-17 18:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2009-08-26 01:58 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2009-08-26 01:57 . 2001-08-18 03:36 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2009-08-26 01:56 . 2001-08-17 19:56 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll
2009-08-26 01:55 . 2001-08-18 03:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll
2009-08-26 01:54 . 2001-08-17 17:12 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2009-08-26 01:53 . 2001-07-21 19:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys
2009-08-26 01:52 . 2001-08-17 19:56 245632 ----a-w- c:\windows\system32\dllcache\s3savmx.dll
2009-08-26 01:51 . 2001-08-17 17:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2009-08-26 01:50 . 2001-08-17 18:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2009-08-26 01:49 . 2001-08-18 03:36 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2009-08-26 01:48 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-08-26 01:48 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-08-26 01:48 . 2008-04-13 17:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2009-08-26 01:48 . 2001-08-17 17:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-08-26 01:48 . 2001-08-17 17:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-08-26 01:48 . 2001-08-17 17:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-08-26 01:48 . 2004-08-10 11:00 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll
2009-08-26 01:48 . 2004-08-04 02:31 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-08-26 01:48 . 2001-08-17 17:11 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2009-08-26 01:48 . 2001-08-17 17:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2009-08-26 01:48 . 2001-08-18 03:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2009-08-26 01:48 . 2001-08-17 18:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2009-08-26 01:46 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2009-08-26 01:45 . 2004-08-04 02:39 20864 ----a-w- c:\windows\system32\dllcache\lwadihid.sys
2009-08-26 01:44 . 2008-04-13 23:09 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2009-08-26 01:43 . 2001-08-18 03:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2009-08-26 01:42 . 2001-08-17 18:28 391199 ----a-w- c:\windows\system32\dllcache\hsf_k56k.sys
2009-08-26 01:41 . 2001-08-17 18:28 907456 ----a-w- c:\windows\system32\dllcache\hcf_msft.sys
2009-08-26 01:40 . 2001-08-18 03:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll
2009-08-26 01:39 . 2001-08-17 17:10 19996 ----a-w- c:\windows\system32\dllcache\em556n4.sys
2009-08-26 01:38 . 2001-08-18 03:36 110621 ----a-w- c:\windows\system32\dllcache\digirlpt.dll
2009-08-26 01:37 . 2004-08-10 11:00 18944 ----a-w- c:\windows\system32\dllcache\cprofile.exe
2009-08-26 01:36 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-08-26 01:35 . 2001-08-17 17:11 27678 ----a-w- c:\windows\system32\dllcache\ali5261.sys
2009-08-25 18:12 . 2004-08-10 11:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2009-08-25 18:12 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-08-25 18:12 . 2004-08-10 11:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-08-25 18:12 . 2004-08-10 11:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2009-08-25 18:12 . 2004-08-10 11:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2009-08-25 18:12 . 2004-08-10 11:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2009-08-25 18:12 . 2004-08-10 11:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2009-08-25 18:12 . 2004-08-10 11:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2009-08-25 17:15 . 2009-08-25 17:15 -------- d--h--w- c:\windows\PIF
2009-08-25 12:28 . 2009-08-25 12:28 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-25 12:25 . 2009-08-25 12:26 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-08-25 11:37 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-25 10:51 . 2009-08-25 10:51 152576 ----a-w- c:\documents and settings\Lee Elizabeth\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-25 10:50 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-25 10:49 . 2009-08-25 10:49 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-25 10:49 . 2009-07-08 17:28 2920112 -c--a-w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-25 10:49 . 2009-08-25 10:49 -------- d-----w- c:\program files\Lavasoft
2009-08-25 10:49 . 2009-08-25 10:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-25 03:39 . 2009-08-25 03:39 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-25 03:39 . 2008-05-29 14:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\TuneUp Software
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\program files\TuneUp Utilities 2008

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-31 00:46 . 2006-03-10 00:21 25672 ----a-w- c:\documents and settings\Jeannie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-30 02:31 . 2009-03-01 00:16 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\Winamp
2009-08-30 02:27 . 2009-03-01 00:16 -------- d-----w- c:\program files\Winamp
2009-08-29 20:45 . 2006-08-25 17:28 25672 ----a-w- c:\documents and settings\Lee Elizabeth\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-25 10:52 . 2006-02-19 18:57 -------- d-----w- c:\program files\Java
2009-08-25 04:10 . 2009-08-25 04:10 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-08-25 04:07 . 2009-08-25 04:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-08-25 01:17 . 2009-03-24 20:26 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\LimeWire
2009-08-20 12:00 . 2008-12-30 18:26 -------- d-----w- c:\documents and settings\Jorgi\Application Data\LimeWire
2009-08-16 20:45 . 2008-12-25 23:55 -------- d-----w- c:\documents and settings\Tori\Application Data\LimeWire
2009-08-07 15:02 . 2006-02-19 19:04 -------- d-----w- c:\program files\Sonic
2009-08-05 09:01 . 2005-08-16 10:18 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-28 16:24 . 2009-03-28 21:53 -------- d-----w- c:\documents and settings\Tori\Application Data\Winamp
2009-07-25 10:23 . 2009-01-08 12:41 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-24 04:15 . 2006-09-13 23:42 -------- d-----w- c:\program files\Yahoo! Games
2009-07-17 19:01 . 2005-08-16 10:18 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 04:43 . 2005-08-16 10:19 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 18:12 . 2006-06-02 21:02 -------- d-----w- c:\documents and settings\Jorgi\Application Data\AdobeUM
2009-07-03 17:09 . 2005-08-16 10:18 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 08:25 . 2005-08-16 10:18 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2005-08-16 10:18 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2005-08-16 10:18 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2005-08-16 10:18 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:25 . 2005-08-16 10:18 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2005-08-16 10:18 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2005-08-16 10:18 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-19 01:53 . 2009-06-19 01:53 390664 ----a-w- c:\documents and settings\Jeannie\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-16 14:36 . 2005-08-16 10:18 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2005-08-16 10:18 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-14 20:42 . 2006-03-10 00:21 6060 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-06-14 20:42 . 2006-03-10 00:21 104 --sha-r- c:\windows\system32\94E1B6264F.sys
2009-06-12 12:31 . 2005-08-16 10:18 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2005-08-16 10:18 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:19 . 2005-08-16 10:37 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2005-08-16 10:18 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2005-08-16 10:18 132096 ----a-w- c:\windows\system32\wkssvc.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-02_19.42.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-03 11:24 . 2009-09-03 11:24 16384 c:\windows\temp\Perflib_Perfdata_750.dat
+ 2009-09-02 22:10 . 2009-02-16 05:10 97672 c:\windows\system32\ZoneLabs\zlquarantine.dll
+ 2009-09-02 22:10 . 2008-11-17 07:24 51688 c:\windows\system32\ZoneLabs\srescan.sys
+ 2009-09-02 22:10 . 2009-02-16 05:10 94088 c:\windows\system32\ZoneLabs\lib\zvpn.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 20360 c:\windows\system32\ZoneLabs\lib\zsys.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 59272 c:\windows\system32\ZoneLabs\lib\zpdp.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 14216 c:\windows\system32\ZoneLabs\lib\zmenu.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 24968 c:\windows\system32\ZoneLabs\lib\zic.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 84872 c:\windows\system32\ZoneLabs\lib\ZAlert.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 34696 c:\windows\system32\ZoneLabs\lib\UpdateUI.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 17800 c:\windows\system32\ZoneLabs\lib\oem_1466.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 10120 c:\windows\system32\ZoneLabs\lib\oem_1454.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 10632 c:\windows\system32\ZoneLabs\lib\oem_1445.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 13704 c:\windows\system32\ZoneLabs\lib\oem_1440.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 11656 c:\windows\system32\ZoneLabs\lib\oem_1413.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 11144 c:\windows\system32\ZoneLabs\lib\oem_1010.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 29576 c:\windows\system32\ZoneLabs\lib\NavBar.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 12168 c:\windows\system32\ZoneLabs\lib\MainLoop.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 35720 c:\windows\system32\ZoneLabs\lib\Alert.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 38280 c:\windows\system32\ZoneLabs\featuremap.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 98184 c:\windows\system32\ZoneLabs\fbl.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 74632 c:\windows\system32\ZoneLabs\camupd.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 35208 c:\windows\system32\vswmi.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 58248 c:\windows\system32\vsregexp.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 9608 c:\windows\system32\ZoneLabs\lib\oem_1460.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 108424 c:\windows\system32\ZoneLabs\zlupdate.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 302472 c:\windows\system32\ZoneLabs\zlsre.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 178568 c:\windows\system32\ZoneLabs\zlparser.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 172936 c:\windows\system32\ZoneLabs\vsvault.dll
+ 2009-09-02 22:09 . 2009-02-16 05:10 108424 c:\windows\system32\ZoneLabs\vsdb.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 176520 c:\windows\system32\ZoneLabs\updclient.exe
+ 2009-09-02 22:10 . 2007-10-11 21:51 832984 c:\windows\system32\ZoneLabs\updating.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 431496 c:\windows\system32\ZoneLabs\ssleay32.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 134536 c:\windows\system32\ZoneLabs\scheduler.dll
+ 2009-09-02 22:10 . 2008-11-17 07:23 796128 c:\windows\system32\ZoneLabs\qrsrecl.dll
+ 2009-09-02 22:10 . 2008-11-17 07:23 722400 c:\windows\system32\ZoneLabs\qrbase.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 118664 c:\windows\system32\ZoneLabs\lib\zui.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 151944 c:\windows\system32\ZoneLabs\lib\ztv.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 188808 c:\windows\system32\ZoneLabs\lib\Overview.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 344968 c:\windows\system32\ZoneLabs\lib\LicenseUI.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 136584 c:\windows\system32\ZoneLabs\lib\DashBoard.zip.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 344456 c:\windows\system32\ZoneLabs\lib\ConfigWizard.zip.dll
+ 2009-09-02 22:09 . 2009-02-04 23:27 548128 c:\windows\system32\ZoneLabs\icslta.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 159112 c:\windows\system32\ZoneLabs\httpblocker.dll
+ 2009-09-02 22:10 . 2008-03-17 21:52 813568 c:\windows\system32\ZoneLabs\dbghelp.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 109960 c:\windows\system32\vsxml.dll
+ 2009-09-02 22:09 . 2009-02-16 05:10 482184 c:\windows\system32\vsutil.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 309128 c:\windows\system32\vspubapi.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 107912 c:\windows\system32\vsmonapi.dll
+ 2009-09-02 22:09 . 2009-02-16 05:10 229256 c:\windows\system32\vsinit.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 353672 c:\windows\system32\vsdatant.sys
+ 2009-09-02 22:09 . 2009-02-16 05:10 110472 c:\windows\system32\vsdata.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 1648520 c:\windows\system32\ZoneLabs\vsruledb.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 2402184 c:\windows\system32\ZoneLabs\vsmon.exe
+ 2009-09-02 22:10 . 2008-11-17 07:23 1512928 c:\windows\system32\ZoneLabs\srescan.dll
+ 2009-09-02 22:10 . 2009-02-16 05:10 1536392 c:\windows\system32\ZoneLabs\lib\zpy.zip.dll
+ 2009-09-02 22:10 . 2008-12-15 06:11 10465257 c:\windows\system32\ZoneLabs\zlasdbup.dat
+ 2009-09-02 22:10 . 2008-12-15 06:11 10465257 c:\windows\system32\ZoneLabs\spyware.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellTransferAgent"="c:\documents and settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-28 198160]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

c:\documents and settings\Jorgi\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-3-10 139776]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-2-19 24576]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-7-22 151552]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 Achernar;Achernar - SCSI Command Filter Drivers;c:\windows\system32\drivers\Achernar.sys [12/31/2007 2:51 PM 18432]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/25/2009 5:50 AM 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [8/29/2009 10:17 AM 28544]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/30/2009 5:33 PM 108289]
S3 CrucialSMBusScan;CrucialSMBusScan;\??\c:\windows\system32\drivers\CrucialSMBusScan.sys --> c:\windows\system32\drivers\CrucialSMBusScan.sys [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [7/3/2009 9:49 AM 1029456]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\16.tmp --> c:\windows\system32\16.tmp [?]
S3 XDva020;XDva020;\??\c:\windows\system32\XDva020.sys --> c:\windows\system32\XDva020.sys [?]
S3 XDva025;XDva025;\??\c:\windows\system32\XDva025.sys --> c:\windows\system32\XDva025.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-02 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 14:09]

2009-09-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]

2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://updates.installshield.com/GetUpdates.asp?p={8A9B8148-DDD7-448F-BD6C-358386D32354}&r=6.00&v=ISUA%204.50&u={5E27D894-8535-47EE-915C-B8DA76072191}&l=1033&K=ZCEACA7AFC9CCD7EFC9AC4748495C978FF9AB908F498C97A8CE6B90EFC9ECC01FD9FB500FD
EAC
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: microsoft.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-03 06:25
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\16.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\781\351460141E82A7EA\5406\1]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\781\351460141E82A7EA\5406\2]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CorelPhotoAlbumPhoto\protocol\StdFileEditing\verb]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Clients\Media\MUSICMATCH Jukebox\shell\open\command]
@DACL=(02 0000)
@="\"c:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmjblaunch.exe\"\"%1\""

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\PROSet\SupportTabKey\General\Dell Customer Support]
@DACL=(02 0000)
"Order"=dword:00000001
"Url"="http://support.dell.com"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1000\SUBSYS_0E11B0DF]
@DACL=(02 0000)
"DisplayName"="Compaq NC6132 Gigabit Module"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1000\SUBSYS_0E11B0E0]
@DACL=(02 0000)
"DisplayName"="Compaq NC6133 Gigabit Module"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1000\SUBSYS_0E11B123]
@DACL=(02 0000)
"DisplayName"="Compaq NC6134 Gigabit NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1000\SUBSYS_10140119]
@DACL=(02 0000)
"DisplayName"="IBM Netfinity Gigabit Ethernet SX Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1000\SUBSYS_80861000]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 Gigabit Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1001\SUBSYS_0E11004A]
@DACL=(02 0000)
"DisplayName"="Compaq NC6136 Gigabit Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1001\SUBSYS_101401EA]
@DACL=(02 0000)
"DisplayName"="IBM Gigabit Ethernet SX Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1001\SUBSYS_80861003]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 F Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1004\SUBSYS_0E110049]
@DACL=(02 0000)
"DisplayName"="Compaq NC7132 Gigabit Upgrade Module"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1004\SUBSYS_0E11B1A4]
@DACL=(02 0000)
"DisplayName"="Compaq NC7131 Gigabit Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1004\SUBSYS_101410F2]
@DACL=(02 0000)
"DisplayName"="IBM Total Storage Gigabit Ethernet Copper Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1004\SUBSYS_80861004]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 T Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1004\SUBSYS_80862004]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 T Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1008\SUBSYS_10140269]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1008\SUBSYS_80861107]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 XT Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1008\SUBSYS_80862107]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 XT Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1008\SUBSYS_80862110]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1008\SUBSYS_80863108]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 XT Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1009\SUBSYS_10140268]
@DACL=(02 0000)
"DisplayName"="IBM iSeries Gigabit Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1009\SUBSYS_80861109]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 XF Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1009\SUBSYS_80862109]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 XF Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100C\SUBSYS_80861112]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 T Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100C\SUBSYS_80862112]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 T Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100D\SUBSYS_8086110D]
@DACL=(02 0000)
"DisplayName"="Intel® 82544GC-based Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_0E1100BD]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_10140265]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_10140267]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_1014026A]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_8086001E]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_8086002E]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100E\SUBSYS_8086003E]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_100F\SUBSYS_80861001]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1010\SUBSYS_80861011]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1010\SUBSYS_80861012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MF Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1011\SUBSYS_80861002]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MF Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1011\SUBSYS_80861003]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MF Server Adapter (LX)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1012\SUBSYS_80861012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MF Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_101D\SUBSYS_80861000]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/1000 MT Quad Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1030\SUBSYS_80861030]
@DACL=(02 0000)
"DisplayName"="Intel® InBusiness 10/100 Network Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1031\SUBSYS_10140209]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1031\SUBSYS_1014022D]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113001]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113002]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113003]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113004]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113005]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113006]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E113007]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B01E]
@DACL=(02 0000)
"DisplayName"="Compaq NC3120 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B01F]
@DACL=(02 0000)
"DisplayName"="Compaq NC3122 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B02F]
@DACL=(02 0000)
"DisplayName"="Compaq NC1120 Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B04A]
@DACL=(02 0000)
"DisplayName"="Compaq 10/100 TX PCI Intel WOL UTP Controller"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B0C6]
@DACL=(02 0000)
"DisplayName"="Compaq NC3161 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B0C7]
@DACL=(02 0000)
"DisplayName"="Compaq NC3160 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B0D7]
@DACL=(02 0000)
"DisplayName"="Compaq NC3121 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B0DD]
@DACL=(02 0000)
"DisplayName"="Compaq NC3131 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B0DE]
@DACL=(02 0000)
"DisplayName"="Compaq NC3132 Fast Ethernet Upgrade Module"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B0E1]
@DACL=(02 0000)
"DisplayName"="Compaq NC3133 Fast Ethernet Upgrade Module"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B134]
@DACL=(02 0000)
"DisplayName"="Compaq NC3163 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B13C]
@DACL=(02 0000)
"DisplayName"="Compaq NC3162 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B144]
@DACL=(02 0000)
"DisplayName"="Compaq NC3123 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B163]
@DACL=(02 0000)
"DisplayName"="Compaq NC3134 Fast Ethernet NIC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B164]
@DACL=(02 0000)
"DisplayName"="Compaq NC3135 Fast Ethernet Upgrade Module"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_0E11B209]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Mobile LAN on Motherboard"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014005C]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_101401BC]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LAN On Motherboard"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_101401F1]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 Ethernet Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_101401F2]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 Ethernet Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10140207]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10140232]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014023F]
@DACL=(02 0000)
"DisplayName"="Intel PRO/100 S Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014105C]
@DACL=(02 0000)
"DisplayName"="IBM Netfinity 10/100 Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014305C]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 EtherJet PCI Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014405C]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 EtherJet PCI Adapter with Alert on LAN"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014505C]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 EtherJet Secure Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014605C]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 EtherJet Secure Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014705C]
@DACL=(02 0000)
"DisplayName"="IBM Netfinity 10/100 Ethernet Security Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014805C]
@DACL=(02 0000)
"DisplayName"="IBM Netfinity 10/100 Ethernet Security Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10250009]
@DACL=(02 0000)
"DisplayName"="ACER NIC-559A PRO/100+ with WOL"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1025001A]
@DACL=(02 0000)
"DisplayName"="ACER NIC-559A PRO/100+ with Alert On LAN 2*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1025001B]
@DACL=(02 0000)
"DisplayName"="ACER T62L158 PRO/100+ with Alert On LAN 2*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1028009B]
@DACL=(02 0000)
"DisplayName"="Intel 8255x-based PCI Ethernet Adapter (10/100)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10338000]
@DACL=(02 0000)
"DisplayName"="NEC PC-9821X-B06(PCI) or compatible/Intel 82557-based Ethernet"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10338016]
@DACL=(02 0000)
"DisplayName"="NEC PK-UG-X006(PCI) or compatible Fast Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1033801F]
@DACL=(02 0000)
"DisplayName"="NEC PK-UG-X006(PCI) or compatible Fast Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10338026]
@DACL=(02 0000)
"DisplayName"="NEC PK-UG-X006(PCI) or compatible Fast Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10338063]
@DACL=(02 0000)
"DisplayName"="NEC 82559-based Fast Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10338064]
@DACL=(02 0000)
"DisplayName"="NEC 82559-based Fast Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103380C4]
@DACL=(02 0000)
"DisplayName"="NEC 82559-based Fast Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C10C0]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C10C3]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C10CA]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C10CB]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C10E3]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C10E4]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C1200]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_103C1273]
@DACL=(02 0000)
"DisplayName"="HP NetServer 10/100TX PCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10CF1115]
@DACL=(02 0000)
"DisplayName"="Intel 8255x-based PCI Ethernet Adapter (10/100)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10CF1143]
@DACL=(02 0000)
"DisplayName"="Intel 8255x-based PCI Ethernet Adapter (10/100)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_10CF1188]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VM Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_110A0019]
@DACL=(02 0000)
"DisplayName"="Fujitsu Siemens Computers 82558-based Onboard Ethernet with WoL"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_110A0031]
@DACL=(02 0000)
"DisplayName"="Fujitsu Siemens Computers Server Onboard LAN with Intel 82558"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_110A0037]
@DACL=(02 0000)
"DisplayName"="Fujitsu Siemens Computers 82559-based Onboard Ethernet with WoL"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_110A004B]
@DACL=(02 0000)
"DisplayName"="Fujitsu Siemens Computers 82559-based Onboard Ethernet with WoL and AoL"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_110A6608]
@DACL=(02 0000)
"DisplayName"="Fujitsu Siemens Computers Server Onboard LAN with Intel 82558"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_110A6618]
@DACL=(02 0000)
"DisplayName"="Fujitsu Siemens Computers Server Onboard LAN with Intel 82559C"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_11790001]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_11790003]
@DACL=(02 0000)
"DisplayName"="Intel 8255x-based Fast Ethernet"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_144D2501]
@DACL=(02 0000)
"DisplayName"="Samsung SEM-2000 MiniPCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_144D2502]
@DACL=(02 0000)
"DisplayName"="Samsung SEM-2100iL MiniPCI LAN Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860001]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100B PCI Adapter (TX)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860002]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100B PCI Adapter (T4)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860003]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/10+ PCI Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860004]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 WfM PCI Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860005]
@DACL=(02 0000)
"DisplayName"="Intel 82557-based Integrated Ethernet PCI (10/100)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860006]
@DACL=(02 0000)
"DisplayName"="Intel 82557-based Integrated Ethernet with Wake on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860007]
@DACL=(02 0000)
"DisplayName"="Intel 82558-based Integrated Ethernet"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860008]
@DACL=(02 0000)
"DisplayName"="Intel 82558-based Integrated Ethernet with Wake on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860009]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ PCI Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086000A]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086000B]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086000C]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086000D]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Alert on LAN* 2 Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086000E]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Alert on LAN* Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086000F]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860011]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Advanced Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860013]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Advanced Management Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860030]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Management Adapter with Alert On LAN* GC"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860031]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860040]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860041]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860042]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860050]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860051]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860060]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S+ Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860070]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 M Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80860071]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 M Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861009]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086100C]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Server Adapter (PILA8470B)"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861013]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861014]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861015]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861016]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861017]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861030]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Management Adapter with Alert On LAN* G Server"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861040]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861041]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861042]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861050]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861051]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861052]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80861060]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S+ Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_808610F0]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Dual Port Server Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862009]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086200D]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 CardBus II"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086200E]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 LAN+Modem56 CardBus II"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086200F]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SR Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862010]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862011]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862013]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SR Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862014]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 R Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862015]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 R Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862016]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862017]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Combo Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862018]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SR Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862019]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SR Combo Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862100]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI Type 3A"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862101]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862102]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862103]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862104]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862105]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862106]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862107]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862108]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862200]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862201]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862202]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862203]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862204]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862205]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862206]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862207]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862208]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862402]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862407]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862408]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862409]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_8086240F]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862410]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862411]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862412]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80862413]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100+ Mini PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863000]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LAN on Motherboard"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863001]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN*"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863002]
@DACL=(02 0000)
"DisplayName"="Intel® 82559 Fast Ethernet LOM with Alert on LAN* 2"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863006]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863007]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863008]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863010]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 S Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863011]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863013]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_80863014]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 SP Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_0E110012]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VM Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_0E110091]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_101401CE]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_101401DC]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_101401EB]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_101401EC]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140202]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140205]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140209]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140217]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140234]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_1014023D]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140244]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140245]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140265]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10140267]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_1014026A]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_109F315D]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_109F3181]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_10CF1188]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_1179FF01]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_11867801]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_144D2503]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_144D2601]
@DACL=(02 0000)
"DisplayName"="Samsung HomePNA 1M PCI"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_144D2602]
@DACL=(02 0000)
"DisplayName"="Samsung HomePNA 1M CNR"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_14A42126]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_14A42147]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_14A42149]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_15099011]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863010]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863011]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VM Desktop Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863012]
@DACL=(02 0000)
"DisplayName"="82562EH based Phoneline Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863013]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VE Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863014]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 VM Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863015]
@DACL=(02 0000)
"DisplayName"="82562EH based Phoneline Network Connection"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863016]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Combo Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863017]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 P Mobile Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_2449\SUBSYS_80863018]
@DACL=(02 0000)
"DisplayName"="Intel® PRO/100 Network Connection"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Monitors\//./DISPLAY1\0,0,1024,768]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Monitors\//./DISPLAY1\0,0,1152,864]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\About]
@DACL=(02 0000)
"name"="About"
"order"="0"
"url"="cda/about.html"
"thumbnail"="cda/about.gif"

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\Cache]
@DACL=(02 0000)
"name"="Cache"
"order"="2"
"url"="cda/cache.html"
"thumbnail"="cda/cache.gif"

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\DRM0302]
@DACL=(02 0000)
"name"="Content Licensing"
"order"="50"
"url"="DRM/index.html"

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\Updates]
@DACL=(02 0000)
"name"="Updates"
"order"="1"
"url"="cda/updates.html"
"thumbnail"="cda/updates.gif"

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\Webd4_1_1]
@DACL=(02 0000)
"name"="Web Driver 3D Engine"
"order"="30"
"url"="Webd/index.html"

[HKEY_LOCAL_MACHINE\software\WildTangent\CDA\ControlPanel\WireControl]
@DACL=(02 0000)
"name"="Game Launcher"
"order"="65"
"url"="WireControl/index.html"

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtAppConfig\05]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtAppConfig0501.dll"
"CurrentMajorVersion"=dword:00000005
"CurrentMinorVersion"=dword:00000001
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:00000028
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtCache\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtCache0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtCDAEngine\05]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Apps\\CDA\\CDAEngine0501.dll"
"CurrentMajorVersion"=dword:00000005
"CurrentMinorVersion"=dword:00000001
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:00000028
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtCookie\05]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtCookie0501.dll"
"CurrentMajorVersion"=dword:00000005
"CurrentMinorVersion"=dword:00000001
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:00000028
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtDownloader\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtDownloader0301b.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000002
"CurrentBuildVersion"=dword:000000d3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtGameData\05]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtGameData0501.dll"
"CurrentMajorVersion"=dword:00000005
"CurrentMinorVersion"=dword:00000001
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:00000028
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtGUI\05]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtGUI0501.dll"
"CurrentMajorVersion"=dword:00000005
"CurrentMinorVersion"=dword:00000001
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:00000028
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtIO\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtIO0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtKernel\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtKernel0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtLua\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtLua0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtPropertyBag\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtPropertyBag0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtScript\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtScript0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtSerialization\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtSerialization0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtStreamProcessing\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtStreamProcessing0301.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtSystem\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtSystem0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtSystemConfig\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtSystemConfig0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtUserSupport\05]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtUserSupport0501.dll"
"CurrentMajorVersion"=dword:00000005
"CurrentMinorVersion"=dword:00000001
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:00000028
"CurrentIsDebug"=dword:00000000

[HKEY_LOCAL_MACHINE\software\WildTangent\ComponentRepository\wtXml\03]
@DACL=(02 0000)
"CurrentDllPath"="c:\\Program Files\\WildTangent\\Components\\wtXml0300.dll"
"CurrentMajorVersion"=dword:00000003
"CurrentMinorVersion"=dword:00000000
"CurrentMicroVersion"=dword:00000000
"CurrentBuildVersion"=dword:000000b3
"CurrentIsDebug"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1268)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-03 6:32 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-03 11:32
ComboFix2.txt 2009-09-02 19:49
ComboFix3.txt 2009-09-01 01:38

Pre-Run: 109,513,478,144 bytes free
Post-Run: 109,453,131,776 bytes free

1306 --- E O F --- 2009-09-01 23:06

More locked registry keys

Launch Notepad (Important, not wordpad or other third party text editor), and copy and paste the contents
of the code box below into a new text file. (dont include the word code)
Save it as file name: cfscript.txt

drag and drop cfscript.txt onto combofix.exe, when it is finished a text will open, post it.

ComboFix 09-08-31.03 - Lee Elizabeth 09/03/2009 11:35.5.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.618 [GMT -5:00]
Running from: c:\documents and settings\Lee Elizabeth\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Lee Elizabeth\Desktop\cfscript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((( Files Created from 2009-08-03 to 2009-09-03 )))))))))))))))))))))))))))))))
.

2009-09-03 15:44 . 2009-09-03 15:45 -------- d-----w- c:\program files\HDDAdministrator
2009-09-03 15:19 . 2009-09-03 15:20 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-09-03 15:19 . 2009-09-03 15:19 -------- d-----w- c:\program files\NOS
2009-09-02 22:10 . 2009-02-16 05:10 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-09-02 22:10 . 2009-02-16 05:10 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-09-02 22:10 . 2009-02-16 05:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-09-02 22:10 . 2009-09-02 22:10 -------- d-----w- c:\windows\system32\ZoneLabs
2009-09-02 22:09 . 2009-09-03 16:35 -------- d-----w- c:\windows\Internet Logs
2009-09-02 09:41 . 2008-04-14 00:11 56320 ----a-w- c:\windows\system32\dllcache\eventlog.dll
2009-09-02 09:41 . 2008-04-14 00:11 56320 ------w- c:\windows\system32\eventlog.dll
2009-09-02 00:39 . 2009-09-02 00:39 -------- d-----w- c:\program files\Zone Labs
2009-09-01 23:55 . 2009-09-01 23:55 -------- d-----w- c:\documents and settings\Jeannie\Application Data\TuneUp Software
2009-09-01 00:42 . 2009-09-02 22:10 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-31 23:23 . 2009-08-31 23:23 -------- d-sh--w- c:\documents and settings\Tori\IETldCache
2009-08-30 22:33 . 2009-07-28 21:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-08-30 22:33 . 2009-03-30 15:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-08-30 22:33 . 2009-02-13 17:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-08-30 22:33 . 2009-02-13 17:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-08-30 22:33 . 2009-08-30 22:33 -------- d-----w- c:\program files\Avira
2009-08-30 22:33 . 2009-08-30 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-08-30 15:21 . 2009-08-30 15:21 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\Blitware
2009-08-30 15:13 . 2009-08-30 15:13 -------- d-----w- C:\New Folder (2)
2009-08-30 15:13 . 2009-08-30 15:13 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-30 15:00 . 2009-08-30 15:00 -------- d-----w- C:\New Folder
2009-08-30 14:12 . 2009-08-30 14:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\TuneUp Software
2009-08-30 13:43 . 2009-08-30 13:43 -------- d-----w- C:\AVGTemp
2009-08-29 20:48 . 2009-08-29 20:48 -------- d-----w- c:\documents and settings\Lee Elizabeth\Local Settings\Application Data\PCHealth
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\MSBuild
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\Reference Assemblies
2009-08-29 20:37 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-29 20:37 . 2008-07-06 12:06 117760 ----a-w- c:\windows\system32\prntvpt.dll
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- C:\7ae3c67497fdd3d758125a
2009-08-29 20:37 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\xpsshhdr.dll
2009-08-29 20:37 . 2008-07-06 12:06 575488 ----a-w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-29 20:37 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2009-08-29 20:37 . 2008-07-06 12:06 1676288 ----a-w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-29 20:37 . 2008-07-06 10:50 597504 ----a-w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-29 15:17 . 2008-06-19 22:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-08-29 15:17 . 2009-08-29 15:17 -------- d-----w- c:\program files\Panda Security
2009-08-29 12:35 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-08-28 19:23 . 2009-08-28 19:23 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-08-28 18:54 . 2009-08-28 18:54 -------- d-sh--w- c:\documents and settings\Jeannie\PrivacIE
2009-08-28 18:48 . 2009-08-28 18:48 -------- d-sh--w- c:\documents and settings\Jeannie\IETldCache
2009-08-28 18:18 . 2009-08-28 18:18 -------- d-----w- c:\windows\system32\Adobe
2009-08-28 18:14 . 2009-08-29 14:43 -------- d-----w- c:\program files\FileHippo.com
2009-08-28 16:18 . 2009-08-28 16:18 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-08-28 16:16 . 2009-08-28 16:16 -------- d-----w- c:\program files\Sophos
2009-08-28 15:06 . 2009-08-28 15:06 -------- d-sh--w- c:\documents and settings\Lee Elizabeth\PrivacIE
2009-08-28 14:07 . 2009-08-28 14:07 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-08-26 02:43 . 2009-08-26 02:43 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-26 02:42 . 2009-08-26 02:42 -------- d-sh--w- c:\documents and settings\Lee Elizabeth\IETldCache
2009-08-26 02:33 . 2009-08-07 08:48 100352 ----a-w- c:\windows\system32\dllcache\iecompat.dll
2009-08-26 02:33 . 2009-08-26 02:33 -------- d-----w- c:\windows\ie8updates
2009-08-26 02:32 . 2009-07-03 17:09 12800 ----a-w- c:\windows\system32\dllcache\xpshims.dll
2009-08-26 02:32 . 2009-07-03 17:09 246272 ----a-w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-26 02:30 . 2009-08-26 02:32 -------- dc-h--w- c:\windows\ie8
2009-08-26 02:05 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-08-26 02:05 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-08-26 02:05 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-08-26 02:05 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-08-26 02:05 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-08-26 02:03 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-08-26 02:03 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-08-26 02:03 . 2004-08-04 02:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-08-26 02:03 . 2004-08-04 02:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-08-26 02:03 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2009-08-26 02:00 . 2004-08-04 02:29 19551 ----a-w- c:\windows\system32\dllcache\watv02nt.sys
2009-08-26 01:59 . 2001-08-17 18:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2009-08-26 01:58 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2009-08-26 01:57 . 2001-08-18 03:36 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2009-08-26 01:56 . 2001-08-17 19:56 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll
2009-08-26 01:55 . 2001-08-18 03:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll
2009-08-26 01:54 . 2001-08-17 17:12 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2009-08-26 01:53 . 2001-07-21 19:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys
2009-08-26 01:52 . 2001-08-17 19:56 245632 ----a-w- c:\windows\system32\dllcache\s3savmx.dll
2009-08-26 01:51 . 2001-08-17 17:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2009-08-26 01:50 . 2001-08-17 18:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2009-08-26 01:49 . 2001-08-18 03:36 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2009-08-26 01:48 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-08-26 01:48 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-08-26 01:48 . 2008-04-13 17:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2009-08-26 01:48 . 2001-08-17 17:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-08-26 01:48 . 2001-08-17 17:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-08-26 01:48 . 2001-08-17 17:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-08-26 01:48 . 2004-08-10 11:00 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll
2009-08-26 01:48 . 2004-08-04 02:31 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-08-26 01:48 . 2001-08-17 17:11 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2009-08-26 01:48 . 2001-08-17 17:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2009-08-26 01:48 . 2001-08-18 03:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2009-08-26 01:48 . 2001-08-17 18:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2009-08-26 01:46 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2009-08-26 01:45 . 2004-08-04 02:39 20864 ----a-w- c:\windows\system32\dllcache\lwadihid.sys
2009-08-26 01:44 . 2008-04-13 23:09 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2009-08-26 01:43 . 2001-08-18 03:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2009-08-26 01:42 . 2001-08-17 18:28 391199 ----a-w- c:\windows\system32\dllcache\hsf_k56k.sys
2009-08-26 01:41 . 2001-08-17 18:28 907456 ----a-w- c:\windows\system32\dllcache\hcf_msft.sys
2009-08-26 01:40 . 2001-08-18 03:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll
2009-08-26 01:39 . 2001-08-17 17:10 19996 ----a-w- c:\windows\system32\dllcache\em556n4.sys
2009-08-26 01:38 . 2001-08-18 03:36 110621 ----a-w- c:\windows\system32\dllcache\digirlpt.dll
2009-08-26 01:37 . 2004-08-10 11:00 18944 ----a-w- c:\windows\system32\dllcache\cprofile.exe
2009-08-26 01:36 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-08-26 01:35 . 2001-08-17 17:11 27678 ----a-w- c:\windows\system32\dllcache\ali5261.sys
2009-08-25 18:12 . 2004-08-10 11:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2009-08-25 18:12 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-08-25 18:12 . 2004-08-10 11:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-08-25 18:12 . 2004-08-10 11:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2009-08-25 18:12 . 2004-08-10 11:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2009-08-25 18:12 . 2004-08-10 11:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2009-08-25 18:12 . 2004-08-10 11:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2009-08-25 18:12 . 2004-08-10 11:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2009-08-25 17:15 . 2009-08-25 17:15 -------- d--h--w- c:\windows\PIF
2009-08-25 12:28 . 2009-08-25 12:28 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-25 12:25 . 2009-08-25 12:26 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-08-25 11:37 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-25 10:51 . 2009-08-25 10:51 152576 ----a-w- c:\documents and settings\Lee Elizabeth\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-25 10:50 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-25 10:49 . 2009-08-25 10:49 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-25 10:49 . 2009-07-08 17:28 2920112 -c--a-w- c:\documents and settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-25 10:49 . 2009-08-25 10:49 -------- d-----w- c:\program files\Lavasoft
2009-08-25 10:49 . 2009-08-25 10:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-08-25 03:39 . 2009-08-25 03:39 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-25 03:39 . 2008-05-29 14:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\TuneUp Software
2009-08-25 03:39 . 2009-08-25 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-03 15:40 . 2006-02-26 16:40 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-03 15:06 . 2006-09-05 19:01 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\AdobeUM
2009-08-31 00:46 . 2006-03-10 00:21 25672 ----a-w- c:\documents and settings\Jeannie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-30 02:31 . 2009-03-01 00:16 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\Winamp
2009-08-30 02:27 . 2009-03-01 00:16 -------- d-----w- c:\program files\Winamp
2009-08-29 20:45 . 2006-08-25 17:28 25672 ----a-w- c:\documents and settings\Lee Elizabeth\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-25 10:52 . 2006-02-19 18:57 -------- d-----w- c:\program files\Java
2009-08-25 04:10 . 2009-08-25 04:10 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-08-25 04:07 . 2009-08-25 04:07 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-08-25 01:17 . 2009-03-24 20:26 -------- d-----w- c:\documents and settings\Lee Elizabeth\Application Data\LimeWire
2009-08-20 12:00 . 2008-12-30 18:26 -------- d-----w- c:\documents and settings\Jorgi\Application Data\LimeWire
2009-08-16 20:45 . 2008-12-25 23:55 -------- d-----w- c:\documents and settings\Tori\Application Data\LimeWire
2009-08-07 15:02 . 2006-02-19 19:04 -------- d-----w- c:\program files\Sonic
2009-08-05 09:01 . 2005-08-16 10:18 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-28 16:24 . 2009-03-28 21:53 -------- d-----w- c:\documents and settings\Tori\Application Data\Winamp
2009-07-25 10:23 . 2009-01-08 12:41 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-24 04:15 . 2006-09-13 23:42 -------- d-----w- c:\program files\Yahoo! Games
2009-07-17 19:01 . 2005-08-16 10:18 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 04:43 . 2005-08-16 10:19 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 18:12 . 2006-06-02 21:02 -------- d-----w- c:\documents and settings\Jorgi\Application Data\AdobeUM
2009-07-03 17:09 . 2005-08-16 10:18 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 08:25 . 2005-08-16 10:18 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2005-08-16 10:18 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2005-08-16 10:18 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2005-08-16 10:18 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:25 . 2005-08-16 10:18 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2005-08-16 10:18 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2005-08-16 10:18 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-19 01:53 . 2009-06-19 01:53 390664 ----a-w- c:\documents and settings\Jeannie\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-16 14:36 . 2005-08-16 10:18 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2005-08-16 10:18 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-14 20:42 . 2006-03-10 00:21 6060 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-06-14 20:42 . 2006-03-10 00:21 104 --sha-r- c:\windows\system32\94E1B6264F.sys
2009-06-12 12:31 . 2005-08-16 10:18 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2005-08-16 10:18 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:19 . 2005-08-16 10:37 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2005-08-16 10:18 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2005-08-16 10:18 132096 ----a-w- c:\windows\system32\wkssvc.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-09-03_11.26.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-02 03:54 . 2006-12-02 03:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-02 03:54 . 2006-12-02 03:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-02 03:54 . 2006-12-02 03:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2009-09-03 15:40 . 2009-09-03 15:40 3938816 c:\windows\Installer\5fd86.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellTransferAgent"="c:\documents and settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-28 198160]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" - c:\windows\system32\narrator.exe [2008-04-14 53760]

c:\documents and settings\Jorgi\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-3-10 139776]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-2-19 24576]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-7-22 151552]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 Achernar;Achernar - SCSI Command Filter Drivers;c:\windows\system32\drivers\Achernar.sys [12/31/2007 2:51 PM 18432]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/25/2009 5:50 AM 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [8/29/2009 10:17 AM 28544]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8/30/2009 5:33 PM 108289]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [7/3/2009 9:49 AM 1029456]
S3 CrucialSMBusScan;CrucialSMBusScan;\??\c:\windows\system32\drivers\CrucialSMBusScan.sys --> c:\windows\system32\drivers\CrucialSMBusScan.sys [?]
S3 getPlusHelper;getPlus® Helper;c:\windows\System32\svchost.exe -k getPlusHelper [8/16/2005 5:18 AM 14336]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\16.tmp --> c:\windows\system32\16.tmp [?]
S3 XDva020;XDva020;\??\c:\windows\system32\XDva020.sys --> c:\windows\system32\XDva020.sys [?]
S3 XDva025;XDva025;\??\c:\windows\system32\XDva025.sys --> c:\windows\system32\XDva025.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-02 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 14:09]

2009-09-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]

2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://updates.installshield.com/GetUpdates.asp?p={8A9B8148-DDD7-448F-BD6C-358386D32354}&r=6.00&v=ISUA%204.50&u={5E27D894-8535-47EE-915C-B8DA76072191}&l=1033&K=ZCEACA7AFC9CCD7EFC9AC4748495C978FF9AB908F498C97A8CE6B90EFC9ECC01FD9FB500FD
EAC
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: microsoft.com
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-03 11:48
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\16.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CorelPhotoAlbumPhoto\protocol\StdFileEditing\verb\0]
@DACL=(02 0000)
@="&Edit"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014005C\REV_01]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 EtherJet PCI Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014005C\REV_02]
@DACL=(02 0000)
"DisplayName"="IBM 10/100 EtherJet PCI Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014005C\REV_04]
@DACL=(02 0000)
"DisplayName"="IBM NetFinity 10/100 Ethernet Adapter"

[HKEY_LOCAL_MACHINE\software\Intel\PROSetWired\NCS\SyncLayer\8023Adapters\VEN_8086&DEV_1229\SUBSYS_1014005C\REV_05]
@DACL=(02 0000)
"DisplayName"="IBM NetFinity 10/100 Ethernet Adapter"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(4084)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-09-03 11:51
ComboFix-quarantined-files.txt 2009-09-03 16:51
ComboFix2.txt 2009-09-03 11:32
ComboFix3.txt 2009-09-02 19:49
ComboFix4.txt 2009-09-01 01:38

Pre-Run: 109,057,843,200 bytes free
Post-Run: 109,000,585,216 bytes free

327 --- E O F --- 2009-09-01 23:06

proteus7

Post back in about three days and let us know of any problems please.