Weird. Network adapters added without my knowledge
-
15-03-2008 8:51pm
Wife came down and said that the computer had frozen. She opened an attachment from "one of her friends".
Anyway, after trying to restart the PC and it freezing mid "windows starting up" a couple of times, I booted to safe mode and when I checked device manager there were new network adapters (Direct Parallel, WAN Miniport (IP), WAN Miniport (L2TP) and WAN Miniport (PPTP)). The original had been disabled. I disconnected the LAN connection. Ran AVG which froze.
It's now switched off upstairs while I try to discover what to try next.
I assume there must be some trojan involved. Which should I try first, Spybot, hijackthis or something else?
Any suggestions gratefully received, not had this kind of problem in 15 years of computing before.
Regards,
Kevin
Comments
-
Do this
Please download Deckard's System Scanner (DSS) and save it to your Desktop.
- Close all other windows before proceeding.
- Double-click on dss.exe and follow the prompts.
- If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
- When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
-
Thanks for the reply ASJ.
I assume it will be ok to download on my laptop and transfer to PC desktop later?
-
Yep
-
Deckard's System Scanner v20071014.68
Run by Home on 2008-03-15 20:34:21
Computer is in Normal Mode.
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-15 20:35:18
Platform: Windows 2000 Service Pack 4 (5.00.2195)
MSIE: Internet Explorer (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\system32\smss.exe
C:\WINNT\system32\WINLOGON.EXE
C:\WINNT\system32\SERVICES.EXE
C:\WINNT\system32\savedump.exe
C:\WINNT\system32\LSASS.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\mstask.exe
C:\WINNT\system32\wbem\winmgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\explorer.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\WINNT\soundman.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Documents and Settings\Home\Desktop\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iol.ie/
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204831448223
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: AtiExtEvent - C:\WINNT\system32\Ati2evxx.dll
O20 - Winlogon Notify: cscdll - C:\WINNT\system32\cscdll.dll
O20 - Winlogon Notify: wzcnotif - C:\WINNT\system32\wzcdlg.dll
O21 - SSODL: Network.ConnectionTray - {7007ACCF-3202-11D1-AAD2-00805FC1270E} - C:\WINNT\system32\netshell.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINNT\system32\stobject.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\system32\dmadmin.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
--
End of file - 4167 bytes
-- File Associations
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
R2 tifsfilter (Acronis True Image FS Filter) - c:\winnt\system32\drivers\tifsfilt.sys <Not Verified; Acronis; Acronis True Image>
R3 ialm - c:\winnt\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
R3 NtApm (NT Apm/Legacy Interface Driver) - c:\winnt\system32\drivers\ntapm.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
R3 usbhub20 (USB 2.0 Root Hub Support) - c:\winnt\system32\drivers\usbhub20.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
S3 MPE (BDA MPE Filter) - c:\winnt\system32\drivers\mpe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
All services whitelisted.
-- Device Manager: Disabled
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (L2TP)
Device ID: ROOT\MS_L2TPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (L2TP)
PNP Device ID: ROOT\MS_L2TPMINIPORT\0000
Service: Rasl2tp
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (IP)
Device ID: ROOT\MS_NDISWANIP\0000
Manufacturer: Microsoft
Name: WAN Miniport (IP)
PNP Device ID: ROOT\MS_NDISWANIP\0000
Service: NdisWan
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (PPTP)
Device ID: ROOT\MS_PPTPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPTP)
PNP Device ID: ROOT\MS_PPTPMINIPORT\0000
Service: PptpMiniport
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Direct Parallel
Device ID: ROOT\MS_PTIMINIPORT\0000
Manufacturer: Microsoft
Name: Direct Parallel
PNP Device ID: ROOT\MS_PTIMINIPORT\0000
Service: Raspti
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_103A&SUBSYS_10398086&REV_81\3&6E3F6E6&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_103A&SUBSYS_10398086&REV_81\3&6E3F6E6&0&40F0
Service: E100B
-- Files created between 2008-02-15 and 2008-03-15
2008-03-12 11:49:00 0 d
C:\WINNT\SendTo
2008-03-12 11:47:40 0 d
C:\WINNT\forms
2008-03-12 11:47:39 0 d
C:\Program Files\Windows Messaging
2008-03-12 11:01:10 37680 --a
C:\WINNT\system32\drivers\ohci1394.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-12 11:00:59 40752 --a
C:\WINNT\system32\drivers\1394bus.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-11 09:57:05 21776 --a
C:\WINNT\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-11 09:57:03 46992 --a
C:\WINNT\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-10 15:17:48 0 d
C:\Program Files\Team Craxtion
2008-03-08 16:18:43 0 d
C:\Documents and Settings\Home\Application Data\Macromedia
2008-03-08 16:18:42 0 d
C:\Documents and Settings\Home\Application Data\Adobe
2008-03-08 16:18:40 0 d
C:\WINNT\system32\Macromed
2008-03-08 09:57:31 0 d
C:\Documents and Settings\Home\Application Data\Ahead
2008-03-08 09:41:25 0 d
C:\Documents and Settings\All Users\Application Data\Ahead
2008-03-08 09:34:30 0 d
C:\Documents and Settings\Home\Application Data\vlc
2008-03-08 09:33:27 0 d
C:\Documents and Settings\Home\Application Data\dvdcss
2008-03-07 15:15:14 35600 --a
C:\WINNT\system32\storprop.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-07 15:15:14 35344 --a
C:\WINNT\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-07 15:15:10 27984 --a
C:\WINNT\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-07 15:11:05 0 d
C:\Program Files\VideoLAN
2008-03-07 15:10:25 0 d
C:\Program Files\QuickPar
2008-03-07 15:07:28 0 d
C:\Program Files\Winamp
2008-03-07 14:45:12 0 d
C:\Documents and Settings\Home\Application Data\Free Download Manager
2008-03-07 14:45:08 0 d
C:\Program Files\Free Download Manager
2008-03-07 14:40:29 0 d
C:\Documents and Settings\Home\Application Data\Identities
2008-03-07 14:40:24 0 d--h
C:\Documents and Settings\Home\Templates
2008-03-07 14:40:24 0 d
C:\Documents and Settings\Home\Start Menu
2008-03-07 14:40:24 0 d--h
C:\Documents and Settings\Home\SendTo
2008-03-07 14:40:24 0 dr-h
C:\Documents and Settings\Home\Recent
2008-03-07 14:40:24 0 d--h
C:\Documents and Settings\Home\PrintHood
2008-03-07 14:40:24 581632 --ah
C:\Documents and Settings\Home\NTUSER.DAT
2008-03-07 14:40:24 0 d--h
C:\Documents and Settings\Home\NetHood
2008-03-07 14:40:24 0 d
C:\Documents and Settings\Home\My Documents
2008-03-07 14:40:24 0 d--h
C:\Documents and Settings\Home\Local Settings
2008-03-07 14:40:24 0 dr
C:\Documents and Settings\Home\Favorites
2008-03-07 14:40:24 0 d
C:\Documents and Settings\Home\Desktop
2008-03-07 14:40:24 0 d---s---- C:\Documents and Settings\Home\Cookies
2008-03-07 14:40:24 0 d--h
C:\Documents and Settings\Home\Application Data
2008-03-07 14:40:24 0 d
C:\Documents and Settings\Home\Application Data\AVG7
2008-03-07 13:02:00 0 d--h
C:\WINNT\msdownld.tmp
2008-03-07 12:59:45 0 d
C:\WINNT\Windows Update Setup Files
2008-03-07 12:54:03 1111080 ---h
C:\WINNT\ShellIconCache
2008-03-07 12:45:02 0 d
C:\WINNT\system32\Windows Media
2008-03-07 12:44:02 0 d--h---c- C:\WINNT\$NtUpdateRollupPackUninstall$
2008-03-07 12:43:56 0 d
C:\WINNT\msiinst.tmp
2008-03-07 12:42:29 0 d--h---c- C:\WINNT\$SQLUninstallMDAC25SP3-KB927779-x86-ENU$
2008-03-07 12:40:42 0 d
C:\WINNT\mui
2008-03-06 19:28:52 0 d
C:\WINNT\system32\BITS
2008-03-06 19:24:20 0 d
C:\WINNT\SoftwareDistribution
2008-03-06 19:17:45 35760 --a
C:\WINNT\system32\drivers\sbp2port.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 18:57:53 11632 --a
C:\WINNT\system32\drivers\mouhid.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 18:57:51 13904 --a
C:\WINNT\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 18:42:46 47 --a
C:\WINNT\DOSSTART.BAT
2008-03-06 18:42:32 0 d
C:\Program Files\Microsoft Hardware
2008-03-06 18:07:14 0 d
C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-03-06 18:07:05 4212 ---h
C:\WINNT\system32\zllictbl.dat
2008-03-06 18:06:52 11264 --a
C:\WINNT\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-03-06 18:06:24 0 d
C:\WINNT\system32\ZoneLabs
2008-03-06 18:04:15 0 d-a
C:\WINNT\Internet Logs
2008-03-06 18:00:05 49152 -ra
C:\WINNT\system32\ChCfg.exe
2008-03-06 17:59:57 147456 -ra
C:\WINNT\system32\RtlCPAPI.dll <Not Verified; ; RtlCPAPI Module>
2008-03-06 17:59:57 217088 -ra
C:\WINNT\Alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing driver Tool>
2008-03-06 17:59:53 10528768 -ra
C:\WINNT\system32\RTLCPL.exe <Not Verified; Realtek Semiconductor Corp.; Realtek Audio Sound Effect Manager>
2008-03-06 17:59:50 4027840 -ra
C:\WINNT\system32\drivers\alcxwdm.sys <Not Verified; Realtek Semiconductor Corp.; Windows (R) WDM driver for Realtek AC'97 Audio(HRTF data Copyright 1994 by MIT Media Lab)>
2008-03-06 17:59:50 577536 -ra
C:\WINNT\soundman.exe <Not Verified; Realtek Semiconductor Corp.; Realtek Sound Manager>
2008-03-06 17:59:49 148208 --a
C:\WINNT\system32\drivers\portcls.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:59:46 0 d
C:\Program Files\Realtek Sound Manager
2008-03-06 17:59:45 0 d
C:\Program Files\AvRack
2008-03-06 17:59:35 0 d
C:\Program Files\Realtek AC97
2008-03-06 17:59:24 315392 -ra
C:\WINNT\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Update driver Tool>
2008-03-06 17:37:28 0 d
C:\Program Files\Lavalys
2008-03-06 17:35:01 0 d
C:\Program Files\CCleaner
2008-03-06 17:34:04 0 d
C:\Documents and Settings\Administrator\Application Data\AVG7
2008-03-06 17:33:52 0 d
C:\Documents and Settings\Default User\Application Data\AVG7
2008-03-06 17:33:25 0 d
C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-06 17:33:25 0 d-a
C:\Documents and Settings\All Users\Application Data\avg7
2008-03-06 17:31:04 53248 -ra
C:\WINNT\system32\Prounstl.exe <Not Verified; Intel Corporation; Intel(R) PRO Adapter>
2008-03-06 17:31:04 23040 -ra
C:\WINNT\system32\IntelNic.dll <Not Verified; Intel Corporation; Intel(R) PROSet>
2008-03-06 17:31:04 139536 -ra
C:\WINNT\system32\drivers\e100bnt5.sys <Not Verified; Intel Corporation; Intel(R) PRO Adapter>
2008-03-06 17:23:43 22064 --a
C:\WINNT\system32\drivers\pciidex.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:42 3088 --a
C:\WINNT\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:42 86672 --a
C:\WINNT\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:37 59664 --a
C:\WINNT\system32\usbui.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:37 40176 --a
C:\WINNT\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:37 20688 --a
C:\WINNT\system32\drivers\usbd.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:37 32848 --a
C:\WINNT\system32\drivers\uhcd.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:32 46992 --a
C:\WINNT\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 17:23:30 59312 --a
C:\WINNT\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 16:20:25 307200 -ra
C:\WINNT\system32\atiiiexx.dll <Not Verified; ATI Technologies Inc.; ATI Display Driver Utilities>
2008-03-06 16:20:13 95617 -ra
C:\WINNT\system32\atiicdxx.dat
2008-03-06 15:59:52 0 d
C:\WINNT\RegisteredPackages
2008-03-06 15:59:14 47104 --a
C:\WINNT\system32\wstdecod.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 354816 --a
C:\WINNT\system32\psisdecd.dll
2008-03-06 15:59:14 16896 --a
C:\WINNT\system32\msyuv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 480256 --a
C:\WINNT\system32\msvidctl.dll <Not Verified; Microsoft Corporation; DirectShow>
2008-03-06 15:59:14 4096 --a
C:\WINNT\system32\ksuser.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 18688 --a
C:\WINNT\system32\drivers\wstcodec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 4096 --a
C:\WINNT\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 14976 --a
C:\WINNT\system32\drivers\streamip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 48512 --a
C:\WINNT\system32\drivers\stream.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 10880 --a
C:\WINNT\system32\drivers\slip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 10112 --a
C:\WINNT\system32\drivers\ndisip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 83968 --a
C:\WINNT\system32\drivers\nabtsfec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 5504 --a
C:\WINNT\system32\drivers\mstee.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 5248 --a
C:\WINNT\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 7424 --a
C:\WINNT\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 56832 --a
C:\WINNT\system32\drivers\msdv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 15104 --a
C:\WINNT\system32\drivers\mpe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 130304 --a
C:\WINNT\system32\drivers\ks.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 16384 --a
C:\WINNT\system32\drivers\ccdecode.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:14 11392 --a
C:\WINNT\system32\drivers\bdasup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:09 733184 --a
C:\WINNT\system32\qedwipes.dll
2008-03-06 15:59:08 1798144 --a
C:\WINNT\system32\qedit.dll
2008-03-06 15:59:08 173056 --a
C:\WINNT\system32\qasf.dll
2008-03-06 15:59:08 324096 --a
C:\WINNT\system32\mswebdvd.dll <Not Verified; Microsoft Corporation; DirectShow>
2008-03-06 15:59:07 13312 --a
C:\WINNT\system32\msdmo.dll
2008-03-06 15:59:06 470528 --a
C:\WINNT\system32\qdvd.dll
2008-03-06 15:59:05 316928 --a
C:\WINNT\system32\qdv.dll
2008-03-06 15:59:05 257024 --a
C:\WINNT\system32\qcap.dll
2008-03-06 15:59:05 34304 --a
C:\WINNT\system32\mciqtz32.dll
2008-03-06 15:59:05 18944 --a
C:\WINNT\system32\encapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:05 132608 --a
C:\WINNT\system32\devenum.dll
2008-03-06 15:59:05 64512 --a
C:\WINNT\system32\amstream.dll
2008-03-06 15:59:04 122880 --a
C:\WINNT\system32\dmusic.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 100864 --a
C:\WINNT\system32\dmsynth.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 98816 --a
C:\WINNT\system32\dmstyle.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 33280 --a
C:\WINNT\system32\dmloader.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 181248 --a
C:\WINNT\system32\dmime.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 58368 --a
C:\WINNT\system32\dmcompos.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 27136 --a
C:\WINNT\system32\dmband.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:04 49424 --a
C:\WINNT\system32\d3dxof.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 15:59:04 364816 --a
C:\WINNT\system32\d3drm.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 15:59:04 591120 --a
C:\WINNT\system32\d3dramp.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 15:59:04 37648 --a
C:\WINNT\system32\d3dpmesh.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 15:59:04 446224 --a
C:\WINNT\system32\d3dim.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 15:59:03 18432 --a
C:\WINNT\system32\dswave.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:03 76800 --a
C:\WINNT\system32\dmscript.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:03 664576 --a
C:\WINNT\system32\dinput8.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:02 1703936 --a
C:\WINNT\system32\d3d9.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:01 1201152 --a
C:\WINNT\system32\d3d8.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 46592 --a
C:\WINNT\system32\dxdllreg.exe <Not Verified; Microsoft Corporation; Microsoft® DirectX for Windows® Operating System>
2008-03-06 15:59:00 1769472 --a
C:\WINNT\system32\dxdiagn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 974848 --a
C:\WINNT\system32\dxdiag.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 491520 --a
C:\WINNT\system32\dsdmoprp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 186880 --a
C:\WINNT\system32\dsdmo.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 112128 --a
C:\WINNT\system32\dpvvox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 80896 --a
C:\WINNT\system32\dpvsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 381952 --a
C:\WINNT\system32\dpvoice.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:59:00 19968 --a
C:\WINNT\system32\dpvacm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 31744 --a
C:\WINNT\system32\pid.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 206336 --a
C:\WINNT\system32\gcdef.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 1189888 --a
C:\WINNT\system32\dx8vb.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 602624 --a
C:\WINNT\system32\dx7vb.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 1294336 --a
C:\WINNT\system32\dsound3d.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 381952 --a
C:\WINNT\system32\dsound.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 79360 --a
C:\WINNT\system32\dpwsockx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 16896 --a
C:\WINNT\system32\dpnsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 3072 --a
C:\WINNT\system32\dpnlobby.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 68096 --a
C:\WINNT\system32\dpnhupnp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 32768 --a
C:\WINNT\system32\dpnhpast.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 723968 --a
C:\WINNT\system32\dpnet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 3072 --a
C:\WINNT\system32\dpnaddr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 77824 --a
C:\WINNT\system32\dpmodemx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 230400 --a
C:\WINNT\system32\dplayx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 28160 --a
C:\WINNT\system32\dplaysvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 645120 --a
C:\WINNT\system32\dinput.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 44032 --a
C:\WINNT\system32\dimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 459264 --a
C:\WINNT\system32\diactfrm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 292864 --a
C:\WINNT\system32\ddraw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:59 7168 --a
C:\WINNT\system32\d3d8thk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:58 797184 --a
C:\WINNT\system32\d3dim700.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-06 15:58:32 0 d
C:\WINNT\system32\DirectX
2008-03-06 15:55:54 0 d
C:\WINNT\system32\URTTemp
2008-03-06 15:55:06 0 d
C:\Program Files\ATI Technologies
2008-03-06 15:33:19 21008 --a
C:\WINNT\system32\drivers\AGP440.SYS <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-03-06 15:02:55 0 d
C:\Documents and Settings\All Users\Application Data\Seagate
2008-03-06 15:01:03 0 d
C:\Program Files\HDDGURU LLF Tool
2008-03-06 14:57:28 32768 --a
C:\WINNT\system32\drivers\tifsfilt.sys <Not Verified; Acronis; Acronis True Image>
2008-03-06 14:57:03 0 d
C:\Program Files\Seagate
2008-03-06 14:57:03 0 d
C:\Program Files\Common Files\Seagate
2008-03-06 12:00:15 106496 --a
C:\WINNT\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-03-06 12:00:13 38912 --a
C:\WINNT\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-03-06 12:00:12 155648 --a
C:\WINNT\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-03-06 12:00:12 544768 --a
C:\WINNT\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2008-03-06 12:00:12 569344 --a
C:\WINNT\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2008-03-06 12:00:12 0 d
C:\Program Files\Common Files\Ahead
2008-03-06 12:00:09 0 d
C:\Program Files\Ahead
2008-03-06 11:38:40 0 d
C:\Intel
2008-03-06 11:38:38 163840 --a
C:\WINNT\system32\igfxres.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:50 114688 --a
C:\WINNT\system32\igfxzoom.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:50 155648 --a
C:\WINNT\system32\igfxtray.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:49 348160 --a
C:\WINNT\system32\igfxsrvc.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:38 1245184 --a
C:\WINNT\system32\igfxress.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:33 225280 --a
C:\WINNT\system32\igfxpph.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:31 131072 --a
C:\WINNT\system32\igfxhk.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:27 106496 --a
C:\WINNT\system32\igfxext.exe <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:27 36864 --a
C:\WINNT\system32\igfxexps.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:26 225280 --a
C:\WINNT\system32\igfxeud.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2008-03-06 11:35:26 86016 --a
-- Find3M Report
2008-03-06 11:19:32 21952 ---h C:\Program Files\folder.htt
2008-03-06 11:19:32 271 ---h C:\Program Files\desktop.ini
-- Registry Dump
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [19/06/03 11:05 C:\WINNT\system32\mobsync.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [06/03/08 19:10 ]
"SoundMan"="SOUNDMAN.EXE" [17/11/06 05:42 C:\WINNT\soundman.exe]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [14/11/07 16:05 ]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"internat.exe"=internat.exe
C:\Documents and Settings\Home\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [21/11/1996]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [21/11/1996]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
-- End of Deckard's System Scanner: finished at 2008-03-15 20:35:54
-
Hello
1. Please re-open HijackThis and choose "Do a system scan only". Check the boxes next to ONLY the entries listed below (if present):
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\RELATED.HTM
2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.
Reboot and post a new HijackThis log.
-
Thanks for the help so far ASJ.
New HijackThis log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:49, on 15/03/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.iol.ie/
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204831448223
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
--
End of file - 3054 bytes
-
Your logs are clean
How is your PC running?
-
Seems to be ok. A lot better than it was when I first posted anyway.
I ran an AVG and it froze. Running now on individual folders and nothing so far.
Will give it a good run tomorrow and see what occurs.
Many thanks for your assistance, if you're ever in Kilkenny City send me a PM and I'll buy you a couple of pints.
Many thanks.