VirusTotal Results:
Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.03.02 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.98 2009.03.02 TR/Crypt.FKM.Gen
Authentium 5.1.0.4 2009.03.03 -
Avast 4.8.1335.0 2009.03.02 -
AVG 8.0.0.237 2009.03.01 Win32/Heur
BitDefender 7.2 2009.03.03 -
CAT-QuickHeal 10.00 2009.03.02 -
ClamAV 0.94.1 2009.03.02 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.03.03 -
eSafe 7.0.17.0 2009.03.02 -
eTrust-Vet 31.6.6380 2009.03.02 -
F-Prot 4.4.4.56 2009.03.02 -
F-Secure 8.0.14470.0 2009.03.02 -
Fortinet 3.117.0.0 2009.03.02 -
GData 19 2009.03.02 -
Ikarus T3.1.1.45.0 2009.03.02 -
K7AntiVirus 7.10.654 2009.03.02 -
Kaspersky 7.0.0.125 2009.03.03 -
McAfee 5541 2009.03.02 -
McAfee+Artemis 5541 2009.03.02 -
Microsoft 1.4306 2009.03.02 -
NOD32 3902 2009.03.02 -
Norman 6.00.06 2009.03.02 -
nProtect 2009.1.8.0 2009.03.02 -
Panda 10.0.0.10 2009.03.02 -
PCTools 4.4.2.0 2009.03.02 -
Prevx1 V2 2009.03.03 -
Rising 21.19.02.00 2009.03.02 -
SecureWeb-Gateway 6.7.6 2009.03.02 Trojan.Crypt.FKM.Gen
Sophos 4.39.0 2009.03.03 -
Sunbelt 3.2.1858.2 2009.03.02 -
Symantec 10 2009.03.03 -
TheHacker 6.3.2.6.269 2009.03.02 -
TrendMicro 8.700.0.1004 2009.03.02 -
VBA32 3.12.10.1 2009.03.03 -
ViRobot 2009.3.2.1630 2009.03.02 -
VirusBuster 4.5.11.0 2009.03.02 Trojan.SpyVamp.Gen!Pac
Additional information
File size: 610304 bytes
MD5...: 9853578b635977791484803d2c48eba9
SHA1..: 7b1aff9315189124edbc0a6249a830185304bc72
SHA256: a17f935432565e0e2892b579fc033ab7dc15218681972a28b491046c67112e42
SHA512: 297513a4c92442fbaef7e70401eca1759298ecac110b0bb23a413243ffdfdd72
19833decbc4051a52a27603fed30877acdec1a0f280d3b59ad04252908a5d1f1
ssdeep: 6144:US3GdYLP0qokyRwT/sKmLBiYJTk2iubRQiMJ2Ag7jMGD3L5LauaCTuzJfUj
Wmzq2:UgDXvjm9XuNdSf9aCiRm4mC3YGK
PEiD..: -
TrID..: File type identification
Win16/32 Executable Delphi generic (25.5%)
Clipper DOS Executable (24.9%)
Generic Win/DOS Executable (24.7%)
DOS Executable Generic (24.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype.......: 0x14c (I386)
( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xbe000 0x86600 4.94 c3ead3325c6d08102b9d89d31d5d309c
.rdata 0xbf000 0xf000 0xe600 5.70 842b56ff9a0bb641be7a80be1b641f09
( 2 imports )
> kernel32.dll: Sleep, GetTickCount, ExitProcess, GetModuleHandleA, GetStartupInfoA, GetCommandLineA
> user32.dll: MessageBoxA, GetDC
( 0 exports )
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=9853578b635977791484803d2c48eba9
RSIT Logs:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Owner at 2009-03-02 18:52:34
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 136 GB (89%) free of 153 GB
Total RAM: 1022 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:52:39 PM, on 3/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Drivers\wgp\wgpro0.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [promo.exe] C:\WINDOWS\system32\promo.exe
O4 - HKLM\..\Run: [WinGuard Pro] c:\Drivers\wgp\wgpro0.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scan ... ProExe.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 7336 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
AOLSearchHook Class - C:\Program Files\AIM Search\AOLSearch.dll [2008-08-06 111912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-03-15 118836]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-01 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Launcher - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-01 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-01 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AIM Toolbar - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2003-10-02 155648]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2003-10-02 118784]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-03-15 122933]
"UpdateManager"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe [2007-04-08 303104]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-01 136600]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"promo.exe"=C:\WINDOWS\system32\promo.exe [2009-02-24 610304]
"WinGuard Pro"=c:\Drivers\wgp\wgpro0.exe [2009-01-19 217912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-12-24 14:04:26 ----A---- C:\WINDOWS\system32\19598w9rz295.exe
2009-12-23 09:45:55 ----A---- C:\WINDOWS\system32\48d5d9wnzoader2354.exe
2009-12-22 09:47:14 ----A---- C:\WINDOWS\9dvir4z35.exe
2009-12-20 05:35:34 ----A---- C:\WINDOWS\533ba95waze1304.dll
2009-12-19 06:37:50 ----A---- C:\WINDOWS\452zv59880.dll
2009-12-12 11:05:58 ----A---- C:\WINDOWS\92z63hacktoo57c2.exe
2009-12-12 06:14:15 ----A---- C:\WINDOWS\system32\5095vzr955.dll
2009-12-09 10:49:30 ----A---- C:\WINDOWS\system32\15591zroj780.exe
2009-12-01 15:46:15 ----A---- C:\WINDOWS\system32\4202vi92854z.dll
2009-12-01 11:18:30 ----A---- C:\WINDOWS\system32\9zb9thief5836.dll
2009-11-27 13:59:02 ----A---- C:\WINDOWS\139955acktoolz1.dll
2009-11-26 18:43:48 ----A---- C:\WINDOWS\system32\3b6zv5r1997.exe
2009-11-24 07:01:34 ----A---- C:\WINDOWS\system32\4ebdo5nlo9der17z4.dll
2009-11-19 12:21:40 ----A---- C:\WINDOWS\system32\z91465orm49d.dll
2009-11-18 07:31:19 ----A---- C:\WINDOWS\system32\6fez5par9e3228.dll
2009-11-17 00:21:47 ----A---- C:\WINDOWS\9z396worm350.exe
2009-11-16 14:25:27 ----A---- C:\WINDOWS\system32\z51cst5al2939.dll
2009-11-14 08:26:48 ----A---- C:\WINDOWS\system32\5397wozm96f.dll
2009-11-13 00:55:17 ----A---- C:\WINDOWS\system32\37c9z95rse1952.exe
2009-11-10 23:03:05 ----A---- C:\WINDOWS\2z9tro539d.dll
2009-11-10 04:12:53 ----A---- C:\WINDOWS\312z9viru56bb.dll
2009-11-01 23:50:15 ----A---- C:\WINDOWS\10953hackt9o566z.exe
2009-10-21 23:00:58 ----A---- C:\WINDOWS\system32\26zet5ief3917.dll
2009-10-20 16:15:49 ----A---- C:\WINDOWS\system32\2899steal5134z.dll
2009-10-19 22:29:56 ----A---- C:\WINDOWS\2b95spz9are667.dll
2009-10-14 08:23:18 ----A---- C:\WINDOWS\1869stezl3512.dll
2009-10-11 04:10:29 ----A---- C:\WINDOWS\system32\2605th9ef3z94.dll
2009-10-06 12:26:26 ----A---- C:\WINDOWS\system32\21374zir95324.exe
2009-10-06 03:00:19 ----A---- C:\WINDOWS\system32\35b4zpyw9r52978.exe
2009-10-03 13:27:15 ----A---- C:\WINDOWS\az3spa59e38.exe
2009-09-27 21:00:17 ----A---- C:\WINDOWS\56515zo9m7e7.exe
2009-09-26 23:37:39 ----A---- C:\WINDOWS\system32\b40backdoorz659.exe
2009-09-17 14:24:02 ----A---- C:\WINDOWS\system32\177859roj795z.dll
2009-09-14 02:27:18 ----A---- C:\WINDOWS\z4913h5ckt9olb3.exe
2009-09-11 11:24:19 ----A---- C:\WINDOWS\system32\1478zs59105.exe
2009-08-27 20:38:16 ----A---- C:\WINDOWS\18557spy9z9.exe
2009-08-18 23:42:18 ----A---- C:\WINDOWS\system32\5za9thief1445.dll
2009-08-15 03:13:53 ----A---- C:\WINDOWS\system32\3aea5dw9ze75.dll
2009-08-14 19:36:02 ----A---- C:\WINDOWS\52e6v9z330.dll
2009-08-11 16:42:49 ----A---- C:\WINDOWS\8895troz5bc.dll
2009-08-09 18:55:26 ----A---- C:\WINDOWS\system32\9988zhreat5908.exe
2009-08-06 08:50:43 ----A---- C:\WINDOWS\system32\4945no5-a-viruz39.dll
2009-08-06 07:30:23 ----A---- C:\WINDOWS\system32\25z36tro5992.dll
2009-08-06 04:57:52 ----A---- C:\WINDOWS\1248d9wzlo5der2705.exe
2009-08-04 20:04:49 ----A---- C:\WINDOWS\75e0thre9z56168.dll
2009-08-03 04:19:51 ----A---- C:\WINDOWS\9b35parse293z.exe
2009-08-02 18:43:19 ----A---- C:\WINDOWS\system32\19707vzr9s2d5.exe
2009-08-02 16:54:21 ----A---- C:\WINDOWS\2733395y38dz.exe
2009-07-27 06:43:49 ----A---- C:\WINDOWS\8135s9azbot327.dll
2009-07-25 23:35:48 ----A---- C:\WINDOWS\123275ot-a-vi9us92z.dll
2009-07-12 09:47:15 ----A---- C:\WINDOWS\2411vzr5s1ed9.dll
2009-07-12 04:15:43 ----A---- C:\WINDOWS\system32\31859troj6za.exe
2009-07-03 02:15:15 ----A---- C:\WINDOWS\system32\1f419tzal545.dll
2009-07-01 08:06:50 ----A---- C:\WINDOWS\system32\46b5backdooz26939.exe
2009-06-28 18:18:40 ----A---- C:\WINDOWS\system32\17597ha9k5ool21z.dll
2009-06-27 00:12:09 ----A---- C:\WINDOWS\2951stzal1627.exe
2009-06-26 04:14:07 ----A---- C:\WINDOWS\35815spam9oz51e.exe
2009-06-16 23:51:25 ----A---- C:\WINDOWS\4e58baczd9or2371.dll
2009-06-12 05:35:18 ----A---- C:\WINDOWS\system32\96afs5ywarz248.exe
2009-06-05 16:44:07 ----A---- C:\WINDOWS\7428z9ea592.dll
2009-06-05 10:15:41 ----A---- C:\WINDOWS\system32\5295s5arsz991.exe
2009-06-02 17:21:32 ----A---- C:\WINDOWS\system32\z5e55hreat14399.dll
2009-06-01 11:24:21 ----A---- C:\WINDOWS\26512wzr97ec.exe
2009-05-26 09:34:29 ----A---- C:\WINDOWS\41z5down9o5der1145.exe
2009-05-26 06:04:38 ----A---- C:\WINDOWS\527e95wnloadez1778.exe
2009-05-25 18:41:46 ----A---- C:\WINDOWS\11169zpamb5t627.dll
2009-05-24 04:49:17 ----A---- C:\WINDOWS\7d125ownlzader1894.dll
2009-05-19 02:19:23 ----A---- C:\WINDOWS\system32\7f0e5teal1909z.exe
2009-05-15 19:58:49 ----A---- C:\WINDOWS\system32\94f85pywzre2978.exe
2009-05-15 12:57:21 ----A---- C:\WINDOWS\system32\529bvir2z99.dll
2009-05-05 18:32:15 ----A---- C:\WINDOWS\z98bsparse9955.dll
2009-05-04 07:53:47 ----A---- C:\WINDOWS\5eb6sparze6689.dll
2009-04-26 21:19:05 ----A---- C:\WINDOWS\system32\56cf9az5door798.exe
2009-04-26 02:25:58 ----A---- C:\WINDOWS\49z9threat505669.dll
2009-04-22 21:23:31 ----A---- C:\WINDOWS\system32\99955worm5e7z.dll
2009-04-20 04:46:40 ----A---- C:\WINDOWS\system32\2541noz-a-9irus594.exe
2009-04-17 23:40:12 ----A---- C:\WINDOWS\4d6athr5z93578.dll
2009-04-13 14:51:54 ----A---- C:\WINDOWS\4439zown5oader430.dll
2009-04-10 12:39:58 ----A---- C:\WINDOWS\1014s9amb5z4df.dll
2009-04-02 18:19:49 ----A---- C:\WINDOWS\system32\z893spywa9e5233.exe
2009-03-25 10:34:58 ----A---- C:\WINDOWS\7a92backdooz2351.dll
2009-03-25 06:25:33 ----A---- C:\WINDOWS\94z29ot-a-virus656.exe
2009-03-22 07:41:15 ----A---- C:\WINDOWS\system32\694ddoznloader1585.dll
2009-03-21 00:15:17 ----A---- C:\WINDOWS\3663worm2z95.exe
2009-03-18 14:43:28 ----A---- C:\WINDOWS\39c5thief190z5.dll
2009-03-18 00:09:46 ----A---- C:\WINDOWS\system32\99537spyza9.dll
2009-03-17 05:09:51 ----A---- C:\WINDOWS\system32\9z56thre5t8595.exe
2009-03-15 03:49:48 ----A---- C:\WINDOWS\22act5zef9201.exe
2009-03-14 18:16:55 ----A---- C:\WINDOWS\5ef59dzware812.dll
2009-03-12 01:47:30 ----A---- C:\WINDOWS\3d7zspars523019.exe
2009-03-02 18:52:34 ----D---- C:\rsit
2009-02-28 05:12:42 ----A---- C:\WINDOWS\system32\24201spa5boz5999.dll
2009-02-27 22:43:24 ----D---- C:\WINDOWS\ie7updates
2009-02-27 22:42:37 ----D---- C:\WINDOWS\WBEM
2009-02-27 22:41:24 ----HDC---- C:\WINDOWS\ie7
2009-02-27 22:41:05 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-02-27 22:40:37 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-02-27 12:22:35 ----A---- C:\WINDOWS\2214zvi5us798.dll
2009-02-26 18:11:11 ----D---- C:\Documents and Settings\Owner\Application Data\Move Networks
2009-02-25 20:12:03 ----D---- C:\Program Files\Trend Micro
2009-02-25 08:57:54 ----A---- C:\WINDOWS\z9984spam5ot7aa.dll
2009-02-25 03:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-25 03:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-24 21:06:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-24 20:04:31 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2009-02-24 20:04:27 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-24 19:51:58 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-24 15:52:47 ----A---- C:\WINDOWS\54z60w9rm3c7.exe
2009-02-24 01:11:43 ----D---- C:\Drivers
2009-02-24 01:11:43 ----A---- C:\WINDOWS\system32\wodShellMenu.dll
2009-02-24 01:11:43 ----A---- C:\WINDOWS\system32\ChilkatCrypt2.dll
2009-02-24 00:58:09 ----A---- C:\WINDOWS\system32\521ebazk9oor3244.exe
2009-02-24 00:58:07 ----A---- C:\WINDOWS\system32\579z7tro924e.dll
2009-02-24 00:58:07 ----A---- C:\WINDOWS\27e59hiez585.dll
2009-02-24 00:58:06 ----A---- C:\WINDOWS\z1879acktoo5707.dll
2009-02-24 00:58:06 ----A---- C:\WINDOWS\system32\zc65sparse2994.dll
2009-02-24 00:58:06 ----A---- C:\WINDOWS\system32\7f35s9zal3115.exe
2009-02-24 00:58:06 ----A---- C:\WINDOWS\system32\581stezl9592.dll
2009-02-24 00:58:04 ----A---- C:\WINDOWS\system32\19535w9rmz1.exe
2009-02-24 00:58:04 ----A---- C:\WINDOWS\5d49spywar91z23.dll
2009-02-24 00:58:03 ----A---- C:\WINDOWS\5z91spywar9579.dll
2009-02-24 00:58:01 ----A---- C:\WINDOWS\6c5ownload9z1051.dll
2009-02-24 00:58:00 ----A---- C:\WINDOWS\system32\9556steaz2650.dll
2009-02-24 00:58:00 ----A---- C:\WINDOWS\9edbackdooz1452.exe
2009-02-24 00:58:00 ----A---- C:\WINDOWS\55f6dowzloa9er2997.dll
2009-02-24 00:58:00 ----A---- C:\WINDOWS\3b5threatz7094.dll
2009-02-24 00:58:00 ----A---- C:\WINDOWS\111a5parsez977.dll
2009-02-24 00:57:59 ----A---- C:\WINDOWS\system32\70b6spy5arz9992.dll
2009-02-24 00:57:58 ----A---- C:\WINDOWS\system32\11808hack9ozl7035.exe
2009-02-24 00:57:58 ----A---- C:\WINDOWS\8z73sp5m9ot54f.dll
2009-02-24 00:57:57 ----A---- C:\WINDOWS\system32\12115worm2zc9.exe
2009-02-24 00:57:57 ----A---- C:\WINDOWS\9a3bzir2725.dll
2009-02-24 00:57:56 ----A---- C:\WINDOWS\937czteal865.dll
2009-02-24 00:57:56 ----A---- C:\WINDOWS\7447no95a-vizus81.dll
2009-02-24 00:57:56 ----A---- C:\WINDOWS\2z49thi9f3505.dll
2009-02-24 00:57:55 ----A---- C:\WINDOWS\system32\43dbsp9r5z1821.exe
2009-02-24 00:57:55 ----A---- C:\WINDOWS\system32\29z50worm251.dll
2009-02-24 00:57:55 ----A---- C:\WINDOWS\4693addware2z59.exe
2009-02-24 00:57:55 ----A---- C:\WINDOWS\3z499t5oj28b.exe
2009-02-24 00:57:54 ----A---- C:\WINDOWS\system32\69fs9z5se2330.exe
2009-02-24 00:57:54 ----A---- C:\WINDOWS\system32\5z530spambot39e.exe
2009-02-24 00:57:53 ----A---- C:\WINDOWS\system32\29986vir5s35z.dll
2009-02-24 00:57:53 ----A---- C:\WINDOWS\691aba9kdo5r264z.dll
2009-02-24 00:57:52 ----A---- C:\WINDOWS\system32\659zdownloa5er2049.exe
2009-02-24 00:57:52 ----A---- C:\WINDOWS\system32\4329spywzre1556.exe
2009-02-24 00:57:52 ----A---- C:\WINDOWS\system32\13915viru55z.exe
2009-02-24 00:57:52 ----A---- C:\WINDOWS\5777dowzloader9490.exe
2009-02-24 00:57:51 ----A---- C:\WINDOWS\system32\2d229ddwarez0495.dll
2009-02-24 00:57:51 ----A---- C:\WINDOWS\system32\25408spambo96z4.dll
2009-02-24 00:57:51 ----A---- C:\WINDOWS\system32\14191spa5botz48.dll
2009-02-24 00:57:51 ----A---- C:\WINDOWS\7974s9ambot85z.dll
2009-02-24 00:57:50 ----A---- C:\WINDOWS\system32\11656s95z6c.exe
2009-02-24 00:57:50 ----A---- C:\WINDOWS\6f455zeal28069.exe
2009-02-24 00:57:48 ----A---- C:\WINDOWS\system32\50359zy6c5.dll
2009-02-24 00:57:47 ----A---- C:\WINDOWS\system32\99e2downloa5zr1559.exe
2009-02-24 00:57:47 ----A---- C:\WINDOWS\system32\4898spywarez595.exe
2009-02-24 00:57:47 ----A---- C:\WINDOWS\system32\29529wo5z79d.exe
2009-02-24 00:57:46 ----A---- C:\WINDOWS\system32\488not-az9irus3375.dll
2009-02-24 00:57:46 ----A---- C:\WINDOWS\system32\21295worm37z.dll
2009-02-24 00:57:46 ----A---- C:\WINDOWS\system32\1c9ddownloa5erz200.exe
2009-02-24 00:57:46 ----A---- C:\WINDOWS\5b50spzrse24159.exe
2009-02-24 00:57:46 ----A---- C:\WINDOWS\3bfzdo5nload9r1562.exe
2009-02-24 00:57:46 ----A---- C:\WINDOWS\25005sp9mbot44z.dll
2009-02-24 00:57:45 ----A---- C:\WINDOWS\system32\7199za9ktool750.dll
2009-02-24 00:57:45 ----A---- C:\WINDOWS\79dzspyware2755.dll
2009-02-24 00:57:45 ----A---- C:\WINDOWS\22585z5t-a-virus974.exe
2009-02-24 00:57:42 ----A---- C:\WINDOWS\system32\9zfba9kdoor1556.dll
2009-02-24 00:57:42 ----A---- C:\WINDOWS\2z309not-a5vi9us78a.dll
2009-02-24 00:57:41 ----A---- C:\WINDOWS\z380st9al950.dll
2009-02-24 00:57:41 ----A---- C:\WINDOWS\system32\6918zpy5are1393.exe
2009-02-24 00:57:41 ----A---- C:\WINDOWS\system32\16269hacztool6a95.exe
2009-02-24 00:54:26 ----A---- C:\WINDOWS\system32\promo.exe
2009-02-23 19:36:30 ----A---- C:\WINDOWS\4225sp9rsz2022.dll
2009-02-17 21:55:50 ----A---- C:\WINDOWS\32739szy9c5.dll
2009-02-17 11:17:26 ----A---- C:\WINDOWS\system32\27961vir5sz80.exe
2009-02-15 15:58:08 ----A---- C:\WINDOWS\155z19iru5ac.exe
2009-02-07 18:46:33 ----A---- C:\WINDOWS\5026zhief3059.dll
2009-02-06 14:02:16 ----A---- C:\WINDOWS\system32\1737addwarez965.dll
2009-02-03 21:29:38 ----A---- C:\WINDOWS\28995hacktoolzeb.exe
======List of files/folders modified in the last 1 months======
2009-03-02 18:52:35 ----D---- C:\WINDOWS\Temp
2009-03-02 18:42:00 ----D---- C:\WINDOWS\system32
2009-03-02 18:33:30 ----D---- C:\Program Files\Mozilla Firefox
2009-03-01 23:37:58 ----D---- C:\WINDOWS\Prefetch
2009-03-01 17:12:54 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-01 17:05:20 ----D---- C:\WINDOWS
2009-03-01 16:56:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-01 16:25:27 ----D---- C:\Documents and Settings\Owner\Application Data\uTorrent
2009-03-01 03:00:48 ----HD---- C:\WINDOWS\inf
2009-03-01 03:00:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-03-01 03:00:25 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-28 04:02:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-27 22:46:48 ----D---- C:\WINDOWS\Help
2009-02-27 22:46:48 ----D---- C:\Program Files\Internet Explorer
2009-02-27 22:44:53 ----A---- C:\WINDOWS\imsins.BAK
2009-02-27 22:43:42 ----D---- C:\WINDOWS\system32\en-us
2009-02-27 22:42:46 ----D---- C:\WINDOWS\system32\config
2009-02-27 22:42:29 ----D---- C:\WINDOWS\Media
2009-02-25 20:12:03 ----RD---- C:\Program Files
2009-02-24 21:23:13 ----D---- C:\Program Files\Common Files
2009-02-24 21:23:10 ----D---- C:\WINDOWS\system32\drivers
2009-02-11 23:56:17 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-06 21:51:52 ----D---- C:\Program Files\DivX
2009-02-06 21:51:33 ----SHD---- C:\WINDOWS\Installer
2009-02-06 21:51:33 ----HD---- C:\Config.Msi
2009-02-06 21:49:38 ----SHD---- C:\RECYCLER
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-01-14 5621]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-01-14 23219]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-02-27 40480]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-03-15 25685]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-03-15 34837]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-03-15 4117]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-03-15 2233]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-03-15 85972]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-03-15 14229]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-03-15 6357]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-03-15 98580]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-03-15 100597]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2003-06-30 43136]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-08-26 1041152]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-08-26 207616]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-11-18 591808]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-08-26 675840]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 bvrp_pci;bvrp_pci; \??\C:\WINDOWS\System32\drivers\bvrp_pci.sys []
S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 RT61;Linksys Wireless-G PCI Adapter Driver(RT61); C:\WINDOWS\System32\DRIVERS\RT61.sys [2005-10-27 356096]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-01 152984]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
-----------------EOF-----------------
info:info.txt logfile of random's system information tool 1.05 2009-03-02 18:52:42
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AIM Search-->C:\Program Files\AIM Search\uninstaller.exe AIM Search
AIM Toolbar 5.0-->"C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom 440x 10/100 Integrated Controller-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant D850 56K V.9x DFVc Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Data Lifeguard Tools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}\Setup.exe"
Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software-->C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
iTunes-->MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Last.fm 1.5.2.38918-->"C:\Program Files\Last.fm\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Essentials Media Codec Pack 1.0-->C:\Program Files\Essentials Codec Pack\uninst.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WordPerfect Office 2002 OEM-->C:\WINDOWS\Corel\uninst32.exe
======Security center information======
AV: McAfee VirusScan
FW: McAfee Personal Firewall
System event log
Computer Name: FRANK-HZ6TTITKD
Event Code: 7035
Message: The IMAPI CD-Burning COM Service service was successfully sent a start control.
Record Number: 930
Source Name: Service Control Manager
Time Written: 20081021205734.000000-240
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: FRANK-HZ6TTITKD
Event Code: 7036
Message: The iPod Service service entered the running state.
Record Number: 929
Source Name: Service Control Manager
Time Written: 20081021205023.000000-240
Event Type: information
User:
Computer Name: FRANK-HZ6TTITKD
Event Code: 7035
Message: The iPod Service service was successfully sent a start control.
Record Number: 928
Source Name: Service Control Manager
Time Written: 20081021205023.000000-240
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: FRANK-HZ6TTITKD
Event Code: 7036
Message: The IMAPI CD-Burning COM Service service entered the stopped state.
Record Number: 927
Source Name: Service Control Manager
Time Written: 20081021205023.000000-240
Event Type: information
User:
Computer Name: FRANK-HZ6TTITKD
Event Code: 7036
Message: The IMAPI CD-Burning COM Service service entered the running state.
Record Number: 926
Source Name: Service Control Manager
Time Written: 20081021205016.000000-240
Event Type: information
User:
Application event log
Computer Name: FRANK-HZ6TTITKD
Event Code: 8
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Record Number: 2397
Source Name: crypt32
Time Written: 20090221234233.000000-300
Event Type: error
User:
Computer Name: FRANK-HZ6TTITKD
Event Code: 8
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Record Number: 2396
Source Name: crypt32
Time Written: 20090221234233.000000-300
Event Type: error
User:
Computer Name: FRANK-HZ6TTITKD
Event Code: 8
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Record Number: 2395
Source Name: crypt32
Time Written: 20090221234233.000000-300
Event Type: error
User:
Computer Name: FRANK-HZ6TTITKD
Event Code: 8
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Record Number: 2394
Source Name: crypt32
Time Written: 20090221234233.000000-300
Event Type: error
User:
Computer Name: FRANK-HZ6TTITKD
Event Code: 8
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.
Record Number: 2393
Source Name: crypt32
Time Written: 20090221234233.000000-300
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------