BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Explorer corrupt?
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Explorer corrupt?  
Forum Quick Jump
 
New Topic Post reply to : Explorer corrupt? Printable version of : Explorer corrupt?
[ << Previous Thread | Next Thread >> ]

Garyh3
New Member


Date Joined May 2006
Total Posts : 30
 
   Posted 4/6/2009 4:50 PM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Hi Touch
 
This pans from the same incident last time. It really never went away. My Windows explorer works fine for about 4 hrs and then starts to act funny. New explorer windows wont open I cannot open up pages in explorer or internet mail + Task manager will not open and then sometime it does and when it does it kinda looks like its blinking every second. Once I reboot its fine again. AVG does not throup up errors. Anyhow Would really appreciate a quick look at the HJ file and combofix txt
 
Garyh3
 
ogfile of HijackThis v1.99.1
Scan saved at 14:42, on 2009-04-06
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Vodafone-vpn\cvpnd.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iPass\iPassConnect\iPCAgent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Utimaco\SafeGuard Easy\SgeClient.exe
C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
C:\WINDOWS\system32\SgLogPlayer.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM\Director\bin\twgipcsv.exe
C:\Program Files\IBM\Director\bin\twgipc.exe
C:\WINDOWS\system32\vnxserv.exe
C:\Program Files\IBM\Director\bin\twgescli.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\IBM\Director\bin\twgmonit.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
C:\Program Files\iPass\iPassConnect\downloader\ipccheck.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Utimaco\SafeGuard Easy\WKSCFGSRV.EXE
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe
C:\Documents and Settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\IBM\Director\cimom\bin\tier1slp.exe
C:\Program Files\IBM\Director\bin\IBMSA.exe
C:\Program Files\IBM\Director\bin\slp_srvreg.exe
C:\Program Files\IBM\Director\cimom\bin\cimlistener.exe
C:\Program Files\IBM\Director\cimom\bin\wmicimserver.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\eloy04260\Local Settings\Apps\2.0\BO8MRCNE.RBW\H6Q1W016.E4H\moni..tion_ead9156a56b0f665_0001.0000_50417c0338be37d1\MonitoringAlertDesktopClient.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\eloy04260\Local Settings\temp\wz28c9\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.162.66.55:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://sblprdiweb2;http://umatter.eloyaltyco.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [SgeEcView] C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
O4 - HKLM\..\Run: [EdWizard] C:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe as
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MilShieldSlave] "C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logon
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Vodafone Ireland Vodafonie.ie VPN Client.lnk = C:\Program Files\Vodafone-vpn\ipsecdialer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://intranet.vodafone.com/ie
O15 - Trusted Zone: *.eloyalty.com
O15 - Trusted Zone: *.eloyaltyco.com
O15 - Trusted Zone: *.imageshack.us
O16 - DPF: {00B28243-126B-4FFF-B346-6C3176E8296B} (Siebel Calendar) - http://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_Calendar.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229591201781
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229591183406
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {DE2C7216-C882-400E-BB47-EBB90237CAD1} (Siebel High Interactivity Framework) - http://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_HI_Client.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://eloyalty.webex.com/client/T26L/webex/ieatgpc.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://remoteaccess.wyndhamworldwide.com/dana-cached/setup/JuniperSetupSP1.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5480/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O17 - HKLM\Software\..\Telephony: DomainName = eloyaltyco.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: IBM Director CIM Listener (cimlistener) - OpenSource Pegasus - C:\Program Files\IBM\Director\cimom\bin\cimlistener.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Vodafone-vpn\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
O23 - Service: Google Update Service (gupdate1c966cbfc29245e) (gupdate1c966cbfc29245e) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: IBM SLP SA (ibmsa) - IBM Corporation - C:\Program Files\IBM\Director\bin\IBMSA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPassConnectEngine - iPass - C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe
O23 - Service: iPCAgent - iPass, Inc. - C:\Program Files\iPass\iPassConnect\iPCAgent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: MilShieldCleaner - Unknown owner - C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: OracleOra81ClientCache - Unknown owner - C:\oracle\ora81\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SafeGuard Easy Client (SgeClient) - Unknown owner - C:\Program Files\Utimaco\SafeGuard Easy\SgeClient.exe
O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
O23 - Service: SafeGuard SGLOG  Player (SgLogPlayer) - Utimaco Safeware AG - C:\WINDOWS\system32\SgLogPlayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: IBM Director Agent SLP Attributes (tier1slp) - IBM Corporation - C:\Program Files\IBM\Director\cimom\bin\tier1slp.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Director Support Program (TWGIPC) - IBM Corporation - C:\Program Files\IBM\Director\bin\twgipcsv.exe
O23 - Service: Vsclient Service (VnxService) - Unknown owner - C:\WINDOWS\system32\vnxserv.exe
O23 - Service: IBM Director Agent WMI CIM Server (wmicimserver) - IBM Corporation - C:\Program Files\IBM\Director\cimom\bin\wmicimserver.exe
 
Combofix.txt
 
ComboFix 09-04-04.01 - eloy04260 2009-04-06 14:18:26.8 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1534.836 [GMT 1:00]
Running from: c:\temp\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning enabled* (Updated)
.
(((((((((((((((((((((((((   Files Created from 2009-03-06 to 2009-04-06  )))))))))))))))))))))))))))))))
.
2009-04-06 14:16 . 2006-03-03 00:42 73,728 --a------ C:\pv.exe
2009-04-05 17:57 . 2009-04-05 17:57 3,067,803 -ra------ c:\temp\ComboFix.exe
2009-04-04 11:17 . 2009-04-04 11:17 <DIR> d-------- c:\program files\MUSICMATCH
2009-04-04 11:15 . 2009-04-04 11:15 18,301,032 --a------ c:\temp\musicmatch82.exe
2009-04-03 10:10 . 2009-04-06 13:49 512 --a------ c:\windows\randseed.rnd
2009-03-30 19:02 . 2009-04-05 21:34 24 --a------ c:\windows\sysc_drv.ini
2009-03-27 12:59 . 2009-01-09 20:19 1,089,593 --------- c:\windows\system32\dllcache\ntprint.cat
2009-03-20 11:53 . 2009-03-28 10:52 108,552 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-16 14:26 . 2009-03-16 13:47 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-16 13:47 . 2009-03-16 13:47 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-16 13:44 . 2009-03-16 13:44 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-03-16 13:43 . 2009-03-16 13:43 <DIR> d-------- c:\program files\Lavasoft
2009-03-16 13:42 . 2009-03-16 13:42 34,542,776 --a------ c:\temp\Ad-AwareAE_66.exe
2009-03-16 13:07 . 2009-03-16 19:33 <DIR> d-------- c:\program files\NoAdware
2009-03-15 14:03 . 2009-03-15 14:03 73,728 --a------ c:\windows\system32\javacpl.cpl
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-04 10:17 --------- d--h--w c:\program files\InstallShield Installation Information
2009-04-02 10:09 --------- d-----w c:\program files\Password Safe
2009-03-30 14:35 --------- d-----w c:\documents and settings\eloy04260\Application Data\Skype
2009-03-30 14:00 --------- d-----w c:\documents and settings\eloy04260\Application Data\skypePM
2009-03-29 16:53 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-23 08:46 --------- d-----w c:\documents and settings\eloy04260\Application Data\uTorrent
2009-03-20 10:53 325,640 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-20 10:53 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-03-20 10:51 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-16 12:05 --------- d-----w c:\program files\SUPERAntiSpyware
2009-03-16 12:05 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-16 12:05 --------- d-----w c:\documents and settings\eloy04260\Application Data\SUPERAntiSpyware.com
2009-03-16 11:09 --------- d-----w c:\program files\Java
2009-03-15 13:03 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-04 11:27 --------- d-----w c:\program files\vsclient
2009-02-26 17:17 --------- d-----w c:\program files\Reference Assemblies
2009-02-26 17:17 --------- d-----w c:\program files\MSBuild
2009-02-23 19:41 --------- d-----w c:\documents and settings\All Users\Application Data\VMware
2009-02-23 19:35 --------- d-----w c:\documents and settings\eloy04260\Application Data\VMware
2009-02-23 17:21 --------- d-----w c:\program files\VMware
2009-02-23 15:39 --------- d-----w c:\documents and settings\eloy04260\Application Data\Juniper Networks
2009-02-23 15:15 --------- d-----w c:\documents and settings\All Users\Application Data\Juniper Networks
2009-02-23 09:14 --------- d-----w c:\program files\Windows Live
2009-02-17 16:00 --------- d-----w c:\documents and settings\eloy04260\Application Data\CoreFTP
2009-02-13 19:30 --------- d-----w c:\program files\Google
2009-02-12 11:41 --------- d-----w c:\program files\Windows Installer Clean Up
2009-02-12 11:41 --------- d-----w c:\program files\MSECACHE
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-06 19:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-16 21:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2003-12-18 16:17 4,416,692 ----a-w c:\program files\eLoyalty VPN.zip
2008-12-18 10:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008121820081219\index.dat
.
(((((((((((((((((((((((((((((   snapshot@2009-04-03_16.08.32.28   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-05 20:30:35 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_12c.dat
+ 2009-04-05 20:30:34 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_464.dat
+ 2009-04-05 20:30:42 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_ff4.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-22 68856]
"MilShieldSlave"="c:\program files\Mil Incorporated\Mil Shield\ShieldWorker.exe" [2008-03-16 741376]
"Google Update"="c:\documents and settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-04 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2005-10-29 864256]
"TPHOTKEY"="c:\progra~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-05-10 94208]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-24 237568]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-01-22 344064]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-07 122939]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-03-23 151552]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-03-23 208896]
"TPKBDLED"="c:\windows\system32\TpScrLk.exe" [2002-10-09 40960]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2005-09-27 139320]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2006-04-17 409600]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2006-04-17 98304]
"SgeEcView"="c:\program files\Utimaco\SafeGuard Easy\Ecview.exe" [2004-09-20 20480]
"EdWizard"="c:\program files\Utimaco\SafeGuard Easy\EdWizard.exe" [2004-09-20 245760]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-20 1932568]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-15 148888]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-16 515416]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-12-12 53248]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-12-12 118784]
"TP4EX"="tp4ex.exe" [2005-10-17 c:\windows\system32\TP4EX.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Vodafone Ireland Vodafonie.ie VPN Client.lnk - c:\program files\Vodafone-vpn\ipsecdialer.exe [2006-07-28 1216588]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceStartMenuLogOff"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
2006-04-17 19:01 32768 c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-20 11:53 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NotLog]
2002-01-22 21:28 110592 c:\windows\system32\SGLogEx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SGLogNotification]
2004-08-26 20:18 69632 c:\windows\system32\SGLogNotification.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-06 05:45 28672 c:\windows\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-12-01 02:16 24576 c:\windows\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3IV2"= 3ivxVfWCodec.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Documents and Settings\\eloy04260\\GaryStuff\\GarysStuff\\FTP\\WS_FTP95.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\IBM\\SMA\\smabat.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 AES-256;AES-256;c:\windows\system32\drivers\AES256.sys [2004-09-20 18016]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-16 64160]
R0 SgeFlt;SgeFlt;c:\windows\system32\drivers\SGEFLT.sys [2004-09-20 54944]
R0 TPDiskPM;TPDiskPM;c:\windows\system32\drivers\TPDiskPM.sys [2006-03-17 14848]
R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2006-05-28 11520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-08 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-20 108552]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2006-05-28 6016]
R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2006-03-17 4442]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-29 298264]
R2 cimlistener;IBM Director CIM Listener;c:\program files\IBM\Director\cimom\bin\cimlistener.exe [2005-10-13 36864]
R2 CVPNDRV;Vodafone Ireland IPsec Driver;c:\windows\system32\drivers\CVPNDrv.sys [2006-07-28 160327]
R2 FlipShare Service;FlipShare Service;c:\program files\Pure Digital Technologies\FlipShare\FlipShareService.exe [2008-11-13 439616]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-01-12 55136]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 ibmsa;IBM SLP SA;c:\program files\IBM\Director\bin\IBMSA.exe [2005-10-13 20480]
R2 iPCAgent;iPCAgent;c:\program files\iPass\iPassConnect\iPCAgent.exe [2006-05-15 90112]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-19 951632]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 tier1slp;IBM Director Agent SLP Attributes;c:\program files\IBM\Director\cimom\bin\tier1slp.exe [2005-10-13 28672]
R2 TWGIPC;IBM Director Support Program;c:\program files\IBM\Director\bin\twgipcsv.exe [2005-10-19 53328]
R2 VnxTcp;VnxTcp;c:\windows\system32\drivers\vnxtcp.sys [2006-05-15 148240]
R2 wmicimserver;IBM Director Agent WMI CIM Server;c:\program files\IBM\Director\cimom\bin\wmicimserver.exe [2005-10-13 536576]
R3 TPInput;TPInput;c:\windows\system32\drivers\TPInput.sys [2006-03-17 6784]
R3 TPM11;NSC Integrated Trusted Platform Module 1.1;c:\windows\system32\drivers\nsctpm11.sys [1980-01-01 14336]
S2 drujguxqsz;drujguxqsz;\??\c:\windows\system32\drivers\failotwfczv.sys --> c:\windows\system32\drivers\failotwfczv.sys [?]
S2 gupdate1c966cbfc29245e;Google Update Service (gupdate1c966cbfc29245e);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-25 133104]
S3 dxI2C;dxI2C;c:\program files\IBM\Director\cimom\bin\i2c32.sys [2005-09-16 23936]
S3 dxPMem;dxPMem;c:\program files\IBM\Director\cimom\bin\pmemnt.sys [2005-09-16 4480]
S3 OracleOra81ClientCache;OracleOra81ClientCache;c:\oracle\ora81\bin\ONRSD.EXE [2000-10-19 411244]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [2008-02-19 44928]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Setup_FlipShare.exe
\Shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{241d123e-f22c-11da-aa05-00166f1b7757}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56902c3b-b949-11dc-a941-00166f1b5cde}]
\Shell\AutoRun\command - e:\system\viewer\FlipVideoforPC.exe
\Shell\Flip Video for PC\command - e:\system\viewer\FlipVideoforPC.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56902c43-b949-11dc-a941-00166f1b5cde}]
\Shell\AutoRun\command - E:\Setup_FlipShare.exe
\Shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5b1d234-f1a7-11da-827a-00166f1b7757}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d82dea2a-f0d6-11da-a065-00166f2b82ff}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f95c3632-5e8d-11db-a8b8-00166f1b5cde}]
\Shell\AutoRun\command - E:\Launch.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-06 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-16 13:46]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = 10.162.66.55:8080
uInternet Settings,ProxyOverride = hxxp://sblprdiweb2;http://umatter.eloyaltyco.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: eloyalty.com
Trusted Zone: eloyaltyco.com
Trusted Zone: imageshack.us
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {00B28243-126B-4FFF-B346-6C3176E8296B} - hxxp://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_Calendar.cab
DPF: {DE2C7216-C882-400E-BB47-EBB90237CAD1} - hxxp://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_HI_Client.cab
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-06 14:23:19
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ... 
scanning hidden autostart entries ...
scanning hidden files ... 
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1316)
c:\windows\system32\SGGINA.DLL
c:\program files\Utimaco\SafeGuard Easy\SGEGINA.DLL
c:\program files\Utimaco\SafeGuard Easy\CMessage.dll
c:\program files\Utimaco\SafeGuard Easy\SgWin32.dll
c:\program files\Utimaco\SafeGuard Easy\CmfcApi.dll
c:\program files\Utimaco\SafeGuard Easy\EcView.dll
c:\program files\Utimaco\SafeGuard Easy\SgeUtil.dll
c:\program files\Utimaco\SafeGuard Easy\SgUicl.dll
c:\program files\Utimaco\SafeGuard Easy\FLTAPI.dll
c:\program files\Utimaco\SafeGuard Easy\SGUICLRES.DLL
c:\program files\Utimaco\SafeGuard Easy\SGUICL.MSG
c:\program files\Utimaco\SafeGuard Easy\SGE_ERR0409.DLL
c:\program files\Utimaco\SafeGuard Easy\SGE_MSG0409.DLL
c:\program files\Utimaco\SafeGuard Easy\encviewer.ocx
c:\program files\Utimaco\SafeGuard Easy\sgea40.dll
c:\program files\Utimaco\SafeGuard Easy\CfgApi.dll
c:\program files\Utimaco\SafeGuard Easy\SGEDRV.dll
c:\program files\Utimaco\SafeGuard Easy\SGE_INFO0409.DLL
c:\program files\Utimaco\SafeGuard Easy\SgHtmHlp.dll
c:\program files\Utimaco\SafeGuard Easy\SGHTMHLP0409.dll
c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\tphklock.dll
c:\program files\Utimaco\SafeGuard Easy\DComSec.dll
c:\windows\system32\GetUserSid.dll
c:\windows\system32\LogMsgApp.Dll
c:\windows\system32\LogData.dll
c:\program files\Utimaco\SafeGuard Easy\SecClassFactoryPS.dll
c:\program files\Utimaco\SafeGuard Easy\wkscfgsrvps.dll
c:\windows\system32\SGLogEx.dll
c:\windows\system32\SGLogNotification.dll
c:\windows\system32\notifyf2.dll
.
Completion time: 2009-04-06 14:26:39
ComboFix-quarantined-files.txt  2009-04-06 13:25:52
ComboFix2.txt  2009-04-05 17:08:47
ComboFix3.txt  2009-04-03 15:10:58
Pre-Run: 11,720,404,992 bytes free
Post-Run: 11,744,460,800 bytes free
266
 
Regards
 
Garyh3
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12969
 
   Posted 4/8/2009 5:01 AM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Hello Garyh3 cool
 
It looks like you have 2 antivirus programs running - AVG8 and SafeGuard Easy ? If you have, uninstall one of them.
 
Reboot.
 
 
I´ll look to your combolog asap.


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12969
 
   Posted 4/8/2009 12:33 PM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Open notepad and copy/paste the text in bold in  below into it:


-------------------------------------------------------------------------------
 
Killall:
 
Snapshot::
 
File::
c:\windows\system32\drivers\failotwfczv.sys
 
Driver::
Drujguxqsz
 
 
--------------------------------------------------------------------------------------
Save this as:
CFScript
 
 
Refering to the picture above, drag CFScript into ComboFix.exe

Then post fresh combofix  log.
 


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Garyh3
New Member


Date Joined May 2006
Total Posts : 30
 
   Posted 4/9/2009 3:19 PM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Hi Touch sorry I didnt get an email notification to respond hmmmm!
so the SafeGuard is pc encription program and not a virus scan software.
Ok here is the new Combo log
ComboFix 09-04-04.01 - eloy04260 2009-04-09 12:48:04.9 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1534.860 [GMT 1:00]
Running from: c:\temp\ComboFix.exe
Command switches used :: c:\temp\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated)
 * Created a new restore point
FILE ::
c:\windows\system32\drivers\failotwfczv.sys
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_drujguxqsz

(((((((((((((((((((((((((   Files Created from 2009-03-09 to 2009-04-09  )))))))))))))))))))))))))))))))
.
2009-04-08 16:13 . 2009-04-08 16:13 22,016 --a------ C:\[u]0[/u]xf9.exe
2009-04-05 17:57 . 2009-04-05 17:57 3,067,803 -ra------ c:\temp\ComboFix.exe
2009-04-04 11:17 . 2009-04-04 11:17 <DIR> d-------- c:\program files\MUSICMATCH
2009-03-30 19:02 . 2009-04-09 13:07 24 --a------ c:\windows\sysc_drv.ini
2009-03-27 12:59 . 2009-01-09 20:19 1,089,593 --------- c:\windows\system32\dllcache\ntprint.cat
2009-03-20 11:53 . 2009-03-28 10:52 108,552 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-16 14:26 . 2009-03-16 13:47 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-16 13:47 . 2009-03-16 13:47 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-16 13:44 . 2009-03-16 13:44 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-03-16 13:43 . 2009-03-16 13:43 <DIR> d-------- c:\program files\Lavasoft
2009-03-16 13:42 . 2009-03-16 13:42 34,542,776 --a------ c:\temp\Ad-AwareAE_66.exe
2009-03-16 13:07 . 2009-03-16 19:33 <DIR> d-------- c:\program files\NoAdware
2009-03-15 14:03 . 2009-03-15 14:03 73,728 --a------ c:\windows\system32\javacpl.cpl
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 11:53 --------- d-----w c:\program files\Password Safe
2009-04-07 08:04 --------- d-----w c:\documents and settings\eloy04260\Application Data\Skype
2009-04-06 13:53 --------- d-----w c:\documents and settings\eloy04260\Application Data\skypePM
2009-04-04 10:17 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-29 16:53 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-23 08:46 --------- d-----w c:\documents and settings\eloy04260\Application Data\uTorrent
2009-03-20 10:53 325,640 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-20 10:51 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-16 12:05 --------- d-----w c:\program files\SUPERAntiSpyware
2009-03-16 12:05 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-16 12:05 --------- d-----w c:\documents and settings\eloy04260\Application Data\SUPERAntiSpyware.com
2009-03-16 11:09 --------- d-----w c:\program files\Java
2009-03-04 11:27 --------- d-----w c:\program files\vsclient
2009-02-26 17:17 --------- d-----w c:\program files\Reference Assemblies
2009-02-26 17:17 --------- d-----w c:\program files\MSBuild
2009-02-23 19:41 --------- d-----w c:\documents and settings\All Users\Application Data\VMware
2009-02-23 19:35 --------- d-----w c:\documents and settings\eloy04260\Application Data\VMware
2009-02-23 17:21 --------- d-----w c:\program files\VMware
2009-02-23 15:39 --------- d-----w c:\documents and settings\eloy04260\Application Data\Juniper Networks
2009-02-23 15:15 --------- d-----w c:\documents and settings\All Users\Application Data\Juniper Networks
2009-02-23 09:14 --------- d-----w c:\program files\Windows Live
2009-02-17 16:00 --------- d-----w c:\documents and settings\eloy04260\Application Data\CoreFTP
2009-02-13 19:30 --------- d-----w c:\program files\Google
2009-02-12 11:41 --------- d-----w c:\program files\Windows Installer Clean Up
2009-02-12 11:41 --------- d-----w c:\program files\MSECACHE
2009-02-06 19:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2003-12-18 16:17 4,416,692 ----a-w c:\program files\eLoyalty VPN.zip
2008-12-18 10:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008121820081219\index.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-22 68856]
"MilShieldSlave"="c:\program files\Mil Incorporated\Mil Shield\ShieldWorker.exe" [2008-03-16 741376]
"Google Update"="c:\documents and settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-04 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2005-10-29 864256]
"TPHOTKEY"="c:\progra~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-05-10 94208]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-24 237568]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-01-22 344064]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-07 122939]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-03-23 151552]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-03-23 208896]
"TPKBDLED"="c:\windows\system32\TpScrLk.exe" [2002-10-09 40960]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2005-09-27 139320]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2006-04-17 409600]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2006-04-17 98304]
"SgeEcView"="c:\program files\Utimaco\SafeGuard Easy\Ecview.exe" [2004-09-20 20480]
"EdWizard"="c:\program files\Utimaco\SafeGuard Easy\EdWizard.exe" [2004-09-20 245760]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-20 1932568]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-15 148888]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-16 515416]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-12-12 53248]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-12-12 118784]
"TP4EX"="tp4ex.exe" [2005-10-17 c:\windows\system32\TP4EX.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Vodafone Ireland Vodafonie.ie VPN Client.lnk - c:\program files\Vodafone-vpn\ipsecdialer.exe [2006-07-28 1216588]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceStartMenuLogOff"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
2006-04-17 19:01 32768 c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-20 11:53 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NotLog]
2002-01-22 21:28 110592 c:\windows\system32\SGLogEx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SGLogNotification]
2004-08-26 20:18 69632 c:\windows\system32\SGLogNotification.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-06 05:45 28672 c:\windows\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-12-01 02:16 24576 c:\windows\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3IV2"= 3ivxVfWCodec.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Documents and Settings\\eloy04260\\GaryStuff\\GarysStuff\\FTP\\WS_FTP95.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\IBM\\SMA\\smabat.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 AES-256;AES-256;c:\windows\system32\drivers\AES256.sys [2004-09-20 18016]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-16 64160]
R0 SgeFlt;SgeFlt;c:\windows\system32\drivers\SGEFLT.sys [2004-09-20 54944]
R0 TPDiskPM;TPDiskPM;c:\windows\system32\drivers\TPDiskPM.sys [2006-03-17 14848]
R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2006-05-28 11520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-08 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-20 108552]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2006-05-28 6016]
R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2006-03-17 4442]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-29 298264]
R2 cimlistener;IBM Director CIM Listener;c:\program files\IBM\Director\cimom\bin\cimlistener.exe [2005-10-13 36864]
R2 CVPNDRV;Vodafone Ireland IPsec Driver;c:\windows\system32\drivers\CVPNDrv.sys [2006-07-28 160327]
R2 FlipShare Service;FlipShare Service;c:\program files\Pure Digital Technologies\FlipShare\FlipShareService.exe [2008-11-13 439616]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-01-12 55136]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 ibmsa;IBM SLP SA;c:\program files\IBM\Director\bin\IBMSA.exe [2005-10-13 20480]
R2 iPCAgent;iPCAgent;c:\program files\iPass\iPassConnect\iPCAgent.exe [2006-05-15 90112]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 tier1slp;IBM Director Agent SLP Attributes;c:\program files\IBM\Director\cimom\bin\tier1slp.exe [2005-10-13 28672]
R2 TWGIPC;IBM Director Support Program;c:\program files\IBM\Director\bin\twgipcsv.exe [2005-10-19 53328]
R2 VnxTcp;VnxTcp;c:\windows\system32\drivers\vnxtcp.sys [2006-05-15 148240]
R2 wmicimserver;IBM Director Agent WMI CIM Server;c:\program files\IBM\Director\cimom\bin\wmicimserver.exe [2005-10-13 536576]
R3 TPInput;TPInput;c:\windows\system32\drivers\TPInput.sys [2006-03-17 6784]
R3 TPM11;NSC Integrated Trusted Platform Module 1.1;c:\windows\system32\drivers\nsctpm11.sys [1980-01-01 14336]
S2 gupdate1c966cbfc29245e;Google Update Service (gupdate1c966cbfc29245e);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-25 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-19 951632]
S3 dxI2C;dxI2C;c:\program files\IBM\Director\cimom\bin\i2c32.sys [2005-09-16 23936]
S3 dxPMem;dxPMem;c:\program files\IBM\Director\cimom\bin\pmemnt.sys [2005-09-16 4480]
S3 OracleOra81ClientCache;OracleOra81ClientCache;c:\oracle\ora81\bin\ONRSD.EXE [2000-10-19 411244]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [2008-02-19 44928]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Setup_FlipShare.exe
\Shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{241d123e-f22c-11da-aa05-00166f1b7757}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56902c3b-b949-11dc-a941-00166f1b5cde}]
\Shell\AutoRun\command - e:\system\viewer\FlipVideoforPC.exe
\Shell\Flip Video for PC\command - e:\system\viewer\FlipVideoforPC.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56902c43-b949-11dc-a941-00166f1b5cde}]
\Shell\AutoRun\command - E:\Setup_FlipShare.exe
\Shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5b1d234-f1a7-11da-827a-00166f1b7757}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d82dea2a-f0d6-11da-a065-00166f2b82ff}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f95c3632-5e8d-11db-a8b8-00166f1b5cde}]
\Shell\AutoRun\command - E:\Launch.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-09 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-16 13:46]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = 10.162.66.55:8080
uInternet Settings,ProxyOverride = hxxp://sblprdiweb2;http://umatter.eloyaltyco.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: eloyalty.com
Trusted Zone: eloyaltyco.com
Trusted Zone: imageshack.us
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {00B28243-126B-4FFF-B346-6C3176E8296B} - hxxp://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_Calendar.cab
DPF: {DE2C7216-C882-400E-BB47-EBB90237CAD1} - hxxp://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_HI_Client.cab
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-09 13:07:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ... 
scanning hidden autostart entries ...
scanning hidden files ... 
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1304)
c:\windows\system32\SGGINA.DLL
c:\program files\Utimaco\SafeGuard Easy\SGEGINA.DLL
c:\program files\Utimaco\SafeGuard Easy\CMessage.dll
c:\program files\Utimaco\SafeGuard Easy\SgWin32.dll
c:\program files\Utimaco\SafeGuard Easy\CmfcApi.dll
c:\program files\Utimaco\SafeGuard Easy\EcView.dll
c:\program files\Utimaco\SafeGuard Easy\SgeUtil.dll
c:\program files\Utimaco\SafeGuard Easy\SgUicl.dll
c:\program files\Utimaco\SafeGuard Easy\FLTAPI.dll
c:\program files\Utimaco\SafeGuard Easy\SGUICLRES.DLL
c:\program files\Utimaco\SafeGuard Easy\SGUICL.MSG
c:\program files\Utimaco\SafeGuard Easy\SGE_ERR0409.DLL
c:\program files\Utimaco\SafeGuard Easy\SGE_MSG0409.DLL
c:\program files\Utimaco\SafeGuard Easy\encviewer.ocx
c:\program files\Utimaco\SafeGuard Easy\SGE_INFO0409.DLL
c:\program files\Utimaco\SafeGuard Easy\SgHtmHlp.dll
c:\program files\Utimaco\SafeGuard Easy\SGHTMHLP0409.dll
c:\program files\Utimaco\SafeGuard Easy\sgea40.dll
c:\program files\Utimaco\SafeGuard Easy\CfgApi.dll
c:\program files\Utimaco\SafeGuard Easy\SGEDRV.dll
c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\tphklock.dll
c:\program files\Utimaco\SafeGuard Easy\DComSec.dll
c:\windows\system32\GetUserSid.dll
c:\windows\system32\LogMsgApp.Dll
c:\windows\system32\LogData.dll
c:\program files\Utimaco\SafeGuard Easy\SecClassFactoryPS.dll
c:\program files\Utimaco\SafeGuard Easy\wkscfgsrvps.dll
c:\windows\system32\SGLogEx.dll
c:\windows\system32\SGLogNotification.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Vodafone-vpn\cvpnd.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Mil Incorporated\Mil Shield\ShieldService.exe
c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
c:\progra~1\NETWOR~1\COMMON~1\naPrdMgr.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Utimaco\SafeGuard Easy\SgeClient.exe
c:\program files\Utimaco\SafeGuard Easy\SgeCtl.exe
c:\windows\system32\SgLogPlayer.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\TpKmpSvc.exe
c:\windows\system32\vnxserv.exe
c:\program files\IBM\Director\bin\twgipc.exe
c:\program files\IBM\Director\bin\twgescli.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\IBM\Director\bin\twgmonit.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\progra~1\IBM\Director\cimom\bin\PEGASU~1.EXE
c:\windows\system32\ati2evxx.exe
c:\program files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
c:\windows\system32\rundll32.exe
c:\program files\iPass\iPassConnect\downloader\ipccheck.exe
c:\program files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
c:\program files\IBM\Director\bin\slp_srvreg.exe
c:\program files\IBM\Director\bin\twgjava.exe
.
**************************************************************************
.
Completion time: 2009-04-09 13:12:51 - machine was rebooted [eloy04260]
ComboFix-quarantined-files.txt  2009-04-09 12:12:46
ComboFix2.txt  2009-04-06 13:26:42
ComboFix3.txt  2009-04-05 17:08:47
ComboFix4.txt  2009-04-03 15:10:58
Pre-Run: 11,749,924,864 bytes free
Post-Run: 11,636,293,632 bytes free
305


Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12969
 
   Posted 4/9/2009 5:48 PM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
I learn all the time, I didn´t knew that about SafeGuard rolleyes
 
 
How are things running now ?


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

Garyh3
New Member


Date Joined May 2006
Total Posts : 30
 
   Posted 4/9/2009 6:12 PM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Hi Touch,
Thanks, running fine at the mo...:-)
Will let you know, as it usually take a while for the explorer to go funny ......
thanks again for your help much appreciated


Gary
Back to Top
 

Garyh3
New Member


Date Joined May 2006
Total Posts : 30
 
   Posted 4/12/2009 12:26 AM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Hi Touch
It still happening..
When it happens I am unable to even open a new explorers or Task manager. I cannot even run .exe files. When I right klick start I get nothing.? Anything else I can try? I can open google chrome !!!!
Combo log
ComboFix 09-04-04.01 - eloy04260 2009-04-11 22:10:43.10 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1534.920 [GMT 1:00]
Running from: c:\temp\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated)
.
(((((((((((((((((((((((((   Files Created from 2009-03-11 to 2009-04-11  )))))))))))))))))))))))))))))))
.
2009-04-11 22:07 . 2009-04-11 22:10 512 --a------ c:\windows\randseed.rnd
2009-04-05 17:57 . 2009-04-05 17:57 3,067,803 -ra------ c:\temp\ComboFix.exe
2009-04-04 11:17 . 2009-04-04 11:17 <DIR> d-------- c:\program files\MUSICMATCH
2009-03-30 19:02 . 2009-04-11 22:06 24 --a------ c:\windows\sysc_drv.ini
2009-03-27 12:59 . 2009-01-09 20:19 1,089,593 --------- c:\windows\system32\dllcache\ntprint.cat
2009-03-20 11:53 . 2009-03-28 10:52 108,552 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-16 14:26 . 2009-03-16 13:47 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-03-16 13:47 . 2009-03-16 13:47 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-03-16 13:44 . 2009-03-16 13:44 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-03-16 13:43 . 2009-03-16 13:43 <DIR> d-------- c:\program files\Lavasoft
2009-03-16 13:42 . 2009-03-16 13:42 34,542,776 --a------ c:\temp\Ad-AwareAE_66.exe
2009-03-16 13:07 . 2009-03-16 19:33 <DIR> d-------- c:\program files\NoAdware
2009-03-15 14:03 . 2009-03-15 14:03 73,728 --a------ c:\windows\system32\javacpl.cpl
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 11:53 --------- d-----w c:\program files\Password Safe
2009-04-07 08:04 --------- d-----w c:\documents and settings\eloy04260\Application Data\Skype
2009-04-06 13:53 --------- d-----w c:\documents and settings\eloy04260\Application Data\skypePM
2009-04-04 10:17 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-29 16:53 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-23 08:46 --------- d-----w c:\documents and settings\eloy04260\Application Data\uTorrent
2009-03-20 10:53 325,640 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-20 10:53 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-03-20 10:51 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-16 12:05 --------- d-----w c:\program files\SUPERAntiSpyware
2009-03-16 12:05 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-16 12:05 --------- d-----w c:\documents and settings\eloy04260\Application Data\SUPERAntiSpyware.com
2009-03-16 11:09 --------- d-----w c:\program files\Java
2009-03-15 13:03 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-04 11:27 --------- d-----w c:\program files\vsclient
2009-02-26 17:17 --------- d-----w c:\program files\Reference Assemblies
2009-02-26 17:17 --------- d-----w c:\program files\MSBuild
2009-02-23 19:41 --------- d-----w c:\documents and settings\All Users\Application Data\VMware
2009-02-23 19:35 --------- d-----w c:\documents and settings\eloy04260\Application Data\VMware
2009-02-23 17:21 --------- d-----w c:\program files\VMware
2009-02-23 15:39 --------- d-----w c:\documents and settings\eloy04260\Application Data\Juniper Networks
2009-02-23 15:15 --------- d-----w c:\documents and settings\All Users\Application Data\Juniper Networks
2009-02-23 09:14 --------- d-----w c:\program files\Windows Live
2009-02-17 16:00 --------- d-----w c:\documents and settings\eloy04260\Application Data\CoreFTP
2009-02-13 19:30 --------- d-----w c:\program files\Google
2009-02-12 11:41 --------- d-----w c:\program files\Windows Installer Clean Up
2009-02-12 11:41 --------- d-----w c:\program files\MSECACHE
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-02-06 19:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 18:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-01-16 21:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2003-12-18 16:17 4,416,692 ----a-w c:\program files\eLoyalty VPN.zip
2008-12-18 10:35 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008121820081219\index.dat
.
(((((((((((((((((((((((((((((   SnapShot@2009-04-09_13.10.55.43   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-11 21:03:06 16,384 ----atw c:\windows\temp\Perflib_Perfdata_1d4.dat
+ 2009-04-11 21:03:08 16,384 ----atw c:\windows\temp\Perflib_Perfdata_790.dat
+ 2009-04-11 21:03:15 16,384 ----atw c:\windows\temp\Perflib_Perfdata_eb0.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-22 68856]
"MilShieldSlave"="c:\program files\Mil Incorporated\Mil Shield\ShieldWorker.exe" [2008-03-16 741376]
"Google Update"="c:\documents and settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-04 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2005-10-29 864256]
"TPHOTKEY"="c:\progra~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-05-10 94208]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-24 237568]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-01-22 344064]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-07 122939]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-03-23 151552]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-03-23 208896]
"TPKBDLED"="c:\windows\system32\TpScrLk.exe" [2002-10-09 40960]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2005-09-27 139320]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2006-04-17 409600]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2006-04-17 98304]
"SgeEcView"="c:\program files\Utimaco\SafeGuard Easy\Ecview.exe" [2004-09-20 20480]
"EdWizard"="c:\program files\Utimaco\SafeGuard Easy\EdWizard.exe" [2004-09-20 245760]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-20 1932568]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-15 148888]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-16 515416]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-12-12 53248]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2003-12-12 118784]
"TP4EX"="tp4ex.exe" [2005-10-17 c:\windows\system32\TP4EX.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Vodafone Ireland Vodafonie.ie VPN Client.lnk - c:\program files\Vodafone-vpn\ipsecdialer.exe [2006-07-28 1216588]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceStartMenuLogOff"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
2006-04-17 19:01 32768 c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-20 11:53 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NotLog]
2002-01-22 21:28 110592 c:\windows\system32\SGLogEx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SGLogNotification]
2004-08-26 20:18 69632 c:\windows\system32\SGLogNotification.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-06 05:45 28672 c:\windows\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-12-01 02:16 24576 c:\windows\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3IV2"= 3ivxVfWCodec.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Documents and Settings\\eloy04260\\GaryStuff\\GarysStuff\\FTP\\WS_FTP95.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\IBM\\SMA\\smabat.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 AES-256;AES-256;c:\windows\system32\drivers\AES256.sys [2004-09-20 18016]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-03-16 64160]
R0 SgeFlt;SgeFlt;c:\windows\system32\drivers\SGEFLT.sys [2004-09-20 54944]
R0 TPDiskPM;TPDiskPM;c:\windows\system32\drivers\TPDiskPM.sys [2006-03-17 14848]
R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2006-05-28 11520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-08 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-20 108552]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2006-05-28 6016]
R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2006-03-17 4442]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-29 298264]
R2 cimlistener;IBM Director CIM Listener;c:\program files\IBM\Director\cimom\bin\cimlistener.exe [2005-10-13 36864]
R2 CVPNDRV;Vodafone Ireland IPsec Driver;c:\windows\system32\drivers\CVPNDrv.sys [2006-07-28 160327]
R2 FlipShare Service;FlipShare Service;c:\program files\Pure Digital Technologies\FlipShare\FlipShareService.exe [2008-11-13 439616]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-01-12 55136]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 ibmsa;IBM SLP SA;c:\program files\IBM\Director\bin\IBMSA.exe [2005-10-13 20480]
R2 iPCAgent;iPCAgent;c:\program files\iPass\iPassConnect\iPCAgent.exe [2006-05-15 90112]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 tier1slp;IBM Director Agent SLP Attributes;c:\program files\IBM\Director\cimom\bin\tier1slp.exe [2005-10-13 28672]
R2 TWGIPC;IBM Director Support Program;c:\program files\IBM\Director\bin\twgipcsv.exe [2005-10-19 53328]
R2 VnxTcp;VnxTcp;c:\windows\system32\drivers\vnxtcp.sys [2006-05-15 148240]
R2 wmicimserver;IBM Director Agent WMI CIM Server;c:\program files\IBM\Director\cimom\bin\wmicimserver.exe [2005-10-13 536576]
R3 TPInput;TPInput;c:\windows\system32\drivers\TPInput.sys [2006-03-17 6784]
R3 TPM11;NSC Integrated Trusted Platform Module 1.1;c:\windows\system32\drivers\nsctpm11.sys [1980-01-01 14336]
S2 gupdate1c966cbfc29245e;Google Update Service (gupdate1c966cbfc29245e);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-25 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-19 951632]
S3 dxI2C;dxI2C;c:\program files\IBM\Director\cimom\bin\i2c32.sys [2005-09-16 23936]
S3 dxPMem;dxPMem;c:\program files\IBM\Director\cimom\bin\pmemnt.sys [2005-09-16 4480]
S3 OracleOra81ClientCache;OracleOra81ClientCache;c:\oracle\ora81\bin\ONRSD.EXE [2000-10-19 411244]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [2008-02-19 44928]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\Setup_FlipShare.exe
\Shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{241d123e-f22c-11da-aa05-00166f1b7757}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56902c3b-b949-11dc-a941-00166f1b5cde}]
\Shell\AutoRun\command - e:\system\viewer\FlipVideoforPC.exe
\Shell\Flip Video for PC\command - e:\system\viewer\FlipVideoforPC.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56902c43-b949-11dc-a941-00166f1b5cde}]
\Shell\AutoRun\command - E:\Setup_FlipShare.exe
\Shell\Setup FlipShare\command - E:\Setup_FlipShare.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5b1d234-f1a7-11da-827a-00166f1b7757}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d82dea2a-f0d6-11da-a065-00166f2b82ff}]
\Shell\AutoRun\command - E:\ClearPath_Demo.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f95c3632-5e8d-11db-a8b8-00166f1b5cde}]
\Shell\AutoRun\command - E:\Launch.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-09 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-16 13:46]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = 10.162.66.55:8080
uInternet Settings,ProxyOverride = hxxp://sblprdiweb2;http://umatter.eloyaltyco.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: eloyalty.com
Trusted Zone: eloyaltyco.com
Trusted Zone: imageshack.us
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {00B28243-126B-4FFF-B346-6C3176E8296B} - hxxp://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_Calendar.cab
DPF: {DE2C7216-C882-400E-BB47-EBB90237CAD1} - hxxp://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_HI_Client.cab
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-11 22:14:49
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ... 
scanning hidden autostart entries ...
scanning hidden files ... 
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1308)
c:\windows\system32\SGGINA.DLL
c:\program files\Utimaco\SafeGuard Easy\SGEGINA.DLL
c:\program files\Utimaco\SafeGuard Easy\CMessage.dll
c:\program files\Utimaco\SafeGuard Easy\SgWin32.dll
c:\program files\Utimaco\SafeGuard Easy\CmfcApi.dll
c:\program files\Utimaco\SafeGuard Easy\EcView.dll
c:\program files\Utimaco\SafeGuard Easy\SgeUtil.dll
c:\program files\Utimaco\SafeGuard Easy\SgUicl.dll
c:\program files\Utimaco\SafeGuard Easy\FLTAPI.dll
c:\program files\Utimaco\SafeGuard Easy\SGUICLRES.DLL
c:\program files\Utimaco\SafeGuard Easy\SGUICL.MSG
c:\program files\Utimaco\SafeGuard Easy\SGE_ERR0409.DLL
c:\program files\Utimaco\SafeGuard Easy\SGE_MSG0409.DLL
c:\program files\Utimaco\SafeGuard Easy\encviewer.ocx
c:\program files\Utimaco\SafeGuard Easy\SGE_INFO0409.DLL
c:\program files\Utimaco\SafeGuard Easy\SgHtmHlp.dll
c:\program files\Utimaco\SafeGuard Easy\SGHTMHLP0409.dll
c:\program files\Utimaco\SafeGuard Easy\sgea40.dll
c:\program files\Utimaco\SafeGuard Easy\CfgApi.dll
c:\program files\Utimaco\SafeGuard Easy\SGEDRV.dll
c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\tphklock.dll
c:\program files\Utimaco\SafeGuard Easy\DComSec.dll
c:\windows\system32\GetUserSid.dll
c:\windows\system32\LogMsgApp.Dll
c:\windows\system32\LogData.dll
c:\program files\Utimaco\SafeGuard Easy\SecClassFactoryPS.dll
c:\program files\Utimaco\SafeGuard Easy\wkscfgsrvps.dll
c:\windows\system32\SGLogEx.dll
c:\windows\system32\SGLogNotification.dll
.
Completion time: 2009-04-11 22:18:05
ComboFix-quarantined-files.txt  2009-04-11 21:17:33
ComboFix2.txt  2009-04-09 12:12:53
ComboFix3.txt  2009-04-06 13:26:42
ComboFix4.txt  2009-04-05 17:08:47
ComboFix5.txt  2009-04-11 21:10:08
Pre-Run: 11,645,374,464 bytes free
Post-Run: 11,626,422,272 bytes free
264
HJ file
Logfile of HijackThis v1.99.1
Scan saved at 22:09, on 2009-04-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Vodafone-vpn\cvpnd.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\iPass\iPassConnect\iPCAgent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Utimaco\SafeGuard Easy\SgeClient.exe
C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
C:\WINDOWS\system32\SgLogPlayer.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\IBM\Director\bin\twgipcsv.exe
C:\WINDOWS\system32\vnxserv.exe
C:\Program Files\IBM\Director\bin\twgipc.exe
C:\Program Files\IBM\Director\bin\twgescli.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\IBM\Director\bin\twgmonit.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IBM\Director\cimom\bin\tier1slp.exe
C:\Program Files\IBM\Director\bin\IBMSA.exe
C:\Program Files\IBM\Director\bin\slp_srvreg.exe
C:\Program Files\IBM\Director\cimom\bin\cimlistener.exe
C:\Program Files\IBM\Director\cimom\bin\wmicimserver.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\Program Files\iPass\iPassConnect\downloader\ipccheck.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
C:\Program Files\Utimaco\SafeGuard Easy\WKSCFGSRV.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe
C:\Documents and Settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\eloy04260\Local Settings\temp\wzad7d\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.162.66.55:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://sblprdiweb2;http://umatter.eloyaltyco.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [SgeEcView] C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
O4 - HKLM\..\Run: [EdWizard] C:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe as
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MilShieldSlave] "C:\Program Files\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logon
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\eloy04260\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Vodafone Ireland Vodafonie.ie VPN Client.lnk = C:\Program Files\Vodafone-vpn\ipsecdialer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://intranet.vodafone.com/ie
O15 - Trusted Zone: *.eloyalty.com
O15 - Trusted Zone: *.eloyaltyco.com
O15 - Trusted Zone: *.imageshack.us
O16 - DPF: {00B28243-126B-4FFF-B346-6C3176E8296B} (Siebel Calendar) - http://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_Calendar.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229591201781
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229591183406
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {DE2C7216-C882-400E-BB47-EBB90237CAD1} (Siebel High Interactivity Framework) - http://sblprdiweb2/callcenter_enu/19221/applets/SiebelAx_HI_Client.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://eloyalty.webex.com/client/T26L/webex/ieatgpc.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupControlXP Class) - https://remoteaccess.wyndhamworldwide.com/dana-cached/setup/JuniperSetupSP1.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5480/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O17 - HKLM\Software\..\Telephony: DomainName = eloyaltyco.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = eloyaltyco.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: IBM Director CIM Listener (cimlistener) - OpenSource Pegasus - C:\Program Files\IBM\Director\cimom\bin\cimlistener.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Vodafone-vpn\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
O23 - Service: Google Update Service (gupdate1c966cbfc29245e) (gupdate1c966cbfc29245e) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: IBM SLP SA (ibmsa) - IBM Corporation - C:\Program Files\IBM\Director\bin\IBMSA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPassConnectEngine - iPass - C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe
O23 - Service: iPCAgent - iPass, Inc. - C:\Program Files\iPass\iPassConnect\iPCAgent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: MilShieldCleaner - Unknown owner - C:\Program Files\Mil Incorporated\Mil Shield\ShieldService.exe
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: OracleOra81ClientCache - Unknown owner - C:\oracle\ora81\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SafeGuard Easy Client (SgeClient) - Unknown owner - C:\Program Files\Utimaco\SafeGuard Easy\SgeClient.exe
O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
O23 - Service: SafeGuard SGLOG  Player (SgLogPlayer) - Utimaco Safeware AG - C:\WINDOWS\system32\SgLogPlayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: IBM Director Agent SLP Attributes (tier1slp) - IBM Corporation - C:\Program Files\IBM\Director\cimom\bin\tier1slp.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Director Support Program (TWGIPC) - IBM Corporation - C:\Program Files\IBM\Director\bin\twgipcsv.exe
O23 - Service: Vsclient Service (VnxService) - Unknown owner - C:\WINDOWS\system32\vnxserv.exe
O23 - Service: IBM Director Agent WMI CIM Server (wmicimserver) - IBM Corporation - C:\Program Files\IBM\Director\cimom\bin\wmicimserver.exe








Back to Top
 

Garyh3
New Member


Date Joined May 2006
Total Posts : 30
 
   Posted 4/24/2009 5:21 PM (GMT +3)    Quote: Explorer corrupt?Alert an admin about: Explorer corrupt?
Hi Touch
Ran SDFix and it seems to be running a lot better... at the moment I havnt had to restart my pc once today.
here is the Log
Garyh3

[b]SDFix: Version 1.240 [/b]
Run by eloy04260 on 2009-04-23 at 18:25
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Temp\sdfix\SDFix
[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File
Rebooting

[b]Checking Files [/b]:
Trojan Files Found:
C:\WINDOWS\system32\.ico - Deleted




Removing Temp Files
[b]ADS Check [/b]:
 

                                 [b]Final Check [/b]:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 18:38:51
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:



Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Documents and Settings\\eloy04260\\GaryStuff\\GarysStuff\\FTP\\WS_FTP95.exe"="C:\\Documents and Settings\\eloy04260\\GaryStuff\\GarysStuff\\FTP\\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Enabled:File Transfer Program"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\\Program Files\\IBM\\SMA\\smabat.exe"="C:\\Program Files\\IBM\\SMA\\smabat.exe:*:Disabled:smabat"
"C:\\Documents and Settings\\eloy04260\\Local Settings\\Apps\\2.0\\BO8MRCNE.RBW\\H6Q1W016.E4H\\moni..tion_ead9156a56b0f665_0001.0000_50417c0338be37d1\\MonitoringAlertDesktopClient.exe"="C:\\Documents and Settings\\eloy04260\\Local Settings\\Apps\\2.0\\BO8MRCNE.RBW\\H6Q1W016.E4H\\moni..tion_ead9156a56b0f665_0001.0000_50417c0338be37d1\\MonitoringAlertDesktopClient.exe:*:Disabled:Monitoring Alert Desktop Client"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[b]Remaining Files [/b]:

File Backups: - C:\Temp\sdfix\SDFix\backups\backups.zip
[b]Files with Hidden Attributes [/b]:
Tue 15 Jul 2003       416,824 A..H. --- "C:\DRIVERS\admin\SETUP.EXE"
Mon 14 Apr 2008     1,695,232 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Mon 14 Apr 2008        60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Wed 22 Oct 2008       949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll"
Mon 15 Sep 2008     1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll"
Wed 22 Oct 2008       962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll"
Wed  6 Dec 2006             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 15 Jul 2003       416,824 A..H. --- "C:\DRIVERS\admin\FILES\OWC11\SETUP.EXE"
Tue 20 Feb 2001         8,192 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\CTFMON.EXE"
Tue 20 Feb 2001        37,376 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\DIMM.DLL"
Thu 17 Mar 2005     1,146,320 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\FM20.DLL"
Tue 15 Jul 2003        32,584 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\FM20ENU.DLL"
Tue 20 Feb 2001         4,608 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\HKL0404.DLL"
Tue 20 Feb 2001         4,608 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\HKL0411.DLL"
Tue 20 Feb 2001         4,608 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\HKL0412.DLL"
Tue 20 Feb 2001         4,608 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\HKL0804.DLL"
Wed 21 Aug 2002       204,800 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\INKED.DLL"
Tue 20 Feb 2001         3,104 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\INPUT16.DLL"
Thu 18 Jun 1998        53,248 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MFC42ENU.DLL"
Tue 20 Feb 2001       273,408 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSCTF.DLL"
Tue 20 Feb 2001        56,832 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSCTFP.DLL"
Tue 20 Feb 2001       168,448 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSIMTF.DLL"
Wed 24 May 2000       118,784 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSSTDFMT.DLL"
Sun  9 Aug 1998        94,208 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSSTKPRP.DLL"
Tue 20 Feb 2001       162,304 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSUTB.DLL"
Wed 17 Jun 1998       401,462 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\MSVCP60.DLL"
Wed 25 Mar 1998        15,872 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\SCP32.DLL"
Thu 25 Nov 1999        40,960 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\VBAME.DLL"
Wed 21 Aug 2002       189,952 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\WISPTIS.EXE"
Mon 16 Feb 2009   242,743,296 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5b69967e31d1d0e20f5063cc728c883d\BITE3.tmp"
Tue 19 Feb 2008        24,576 ...H. --- "C:\Documents and Settings\eloy04260\Application Data\Microsoft\Word\~WRL1573.tmp"
Wed  2 Aug 2006        20,480 ...H. --- "C:\Documents and Settings\eloy04260\Application Data\Microsoft\Word\~WRL2976.tmp"
Wed  7 Feb 2001       208,979 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSACTVSY\RI!!!!!.DLL"
Tue  2 Mar 2004     1,638,400 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\GDIPLUS.DLL"
Fri 30 May 2003        30,208 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LFBMP13N.DLL"
Fri 30 May 2003       417,792 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LFCMP13N.DLL"
Fri 30 May 2003        47,104 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LFGIF13N.DLL"
Fri 30 May 2003       181,760 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LFPNG13N.DLL"
Fri 30 May 2003        76,800 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LFWMF13N.DLL"
Fri 30 May 2003       269,312 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LTDIS13N.DLL"
Fri 30 May 2003       150,528 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LTFIL13N.DLL"
Fri 30 May 2003       445,440 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LTIMG13N.DLL"
Fri 30 May 2003       446,976 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\LTKRN13N.DLL"
Mon 16 Jun 2003        77,915 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\WKIMGING.DLL"
Mon 16 Jun 2003        61,529 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\WKIMGSRV.DLL"
Mon 16 Jun 2003        86,085 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\WKWAT.DLL"
Mon 16 Jun 2003        86,085 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\WKWBL.DLL"
Mon 16 Jun 2003       110,673 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\WKWINUNI.DLL"
Tue 20 Feb 2001       230,400 A..H. --- "C:\DRIVERS\admin\FILES\WINDOWS\IME\MSCANDUI.DLL"
Tue 20 Feb 2001       154,624 A..H. --- "C:\DRIVERS\admin\FILES\WINDOWS\IME\SOFTKBD.DLL"
Tue 20 Feb 2001       227,840 A..H. --- "C:\DRIVERS\admin\FILES\WINDOWS\IME\SPTIP.DLL"
Wed 14 Mar 2007       200,192 ...H. --- "C:\Documents and Settings\eloy04260\GaryStuff\Projects\Vodafone\MPS\~WRL0527.tmp"
Sun  9 Aug 1998        86,016 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\DESIGNER\MSADDNDR.DLL"
Wed 19 Mar 2003        40,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSFT.NET\PIAS\MSDDSLMP.DLL"
Wed 19 Mar 2003       143,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSFT.NET\PIAS\MSDDSP.DLL"
Thu 31 Jul 2003       997,992 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ACCESS.DLL"
Fri 25 Mar 2005       170,696 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ACCWIZ.DLL"
Thu 17 Mar 2005        88,264 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ADDRPARS.DLL"
Tue 15 Jul 2003        38,968 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\AUTHZAX.DLL"
Tue 15 Jul 2003        94,768 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\AW.DLL"
Mon 29 Jul 2002        73,728 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\BIDI32.DLL"
Thu 17 Mar 2005        61,128 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\BLNMGR.DLL"
Tue 15 Jul 2003        46,144 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\BLNMGRPS.DLL"
Fri 25 Mar 2005       351,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\CDLMSO.DLL"
Fri  6 Sep 2002        65,536 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\DAO.DLL"
Thu 17 Mar 2005        77,000 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\DLGSETP.DLL"
Tue 15 Jul 2003        14,904 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\DSITF.DLL"
Tue 15 Jul 2003        98,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\DSSM.EXE"
Fri 12 Jan 2001       468,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\EEFONTS.DLL"
Fri 25 Mar 2005       132,296 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ENVELOPE.DLL"
Fri 27 May 2005    10,095,808 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\EXCEL.EXE"
Thu 31 Jul 2003     1,100,392 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\EXCELPIA.DLL"
Tue  1 Mar 2005       247,808 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\EXCHCSP.DLL"
Thu 17 Mar 2005       346,824 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\EXSEC32.DLL"
Tue 15 Jul 2003        13,368 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\FINDER.EXE"
Thu 31 Jul 2003       371,296 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\FORMSPIA.DLL"
Fri 25 Mar 2005     1,953,480 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\FPCUTL.DLL"
Fri 25 Mar 2005       187,072 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\FPDTC.DLL"
Tue  5 Jul 2005     1,773,568 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\GDIPLUS.DLL"
Thu 17 Mar 2005     2,141,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\GRAPH.EXE"
Thu 31 Jul 2003       141,928 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\GRAPHPIA.DLL"
Wed  9 Dec 1998        31,744 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\HLP95EN.DLL"
Fri 25 Mar 2005        87,240 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\IEAWSDC.DLL"
Thu 17 Mar 2005       122,056 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\IMPMAIL.DLL"
Tue  5 Jul 2005     7,069,896 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\INFOPATH.EXE"
Tue 15 Jul 2003        58,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\INLAUNCH.DLL"
Thu 17 Mar 2005        64,712 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\INTLDATE.DLL"
Thu 17 Mar 2005       101,064 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\IPATHPIA.DLL"
Thu 17 Mar 2005       359,112 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\IPCLRWRP.DLL"
Thu 17 Mar 2005        21,192 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\IPDMCTRL.DLL"
Thu 15 Jan 2004        88,776 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\IPXMLPIA.DLL"
Fri 25 Mar 2005        97,984 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MCPS.DLL"
Tue 15 Jul 2003       176,696 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MIMEDIR.DLL"
Thu 17 Mar 2005        30,408 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MLSHEXT.DLL"
Fri 25 Mar 2005       471,752 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MODHELP.DLL"
Thu  7 Jul 2005     6,657,224 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSACCESS.EXE"
Fri  3 Jun 2005       133,320 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSAEXP30.DLL"
Fri  6 Sep 2002       229,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSCOMCTL.DLL"
Tue 15 Jul 2003        40,504 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSE7.EXE"
Thu 17 Mar 2005       139,976 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSJSPP40.DLL"
Tue 15 Jul 2003       120,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOAUTH.DLL"
Thu 17 Mar 2005       107,200 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOCF.DLL"
Thu 17 Mar 2005       128,200 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOCFU.DLL"
Tue 15 Jul 2003        27,704 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSODCW.DLL"
Tue 15 Jul 2003        67,128 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOHEV.DLL"
Tue 15 Jul 2003        55,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOHTMED.EXE"
Tue 15 Jul 2003        54,328 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOMSE.DLL"
Tue 15 Jul 2003        28,224 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOSTYLE.DLL"
Tue 15 Jul 2003        55,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOSVABW.DLL"
Tue 15 Jul 2003        39,488 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOSVFBR.DLL"
Thu  9 Nov 2000     1,200,177 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSOWCW.DLL"
Tue  5 Jul 2005     5,685,440 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSPUB.EXE"
Tue 15 Jul 2003       637,496 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSQRY32.EXE"
Thu 17 Apr 2003        76,352 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSRTEDIT.DLL"
Thu 31 Jul 2003        20,080 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSTAGPIA.DLL"
Fri 25 Mar 2005       627,912 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSTORDB.EXE"
Fri 25 Mar 2005       125,640 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSTORE.EXE"
Fri 25 Mar 2005       484,040 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSTORES.DLL"
Tue 23 Jan 2001       831,562 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSUSP.DLL"
Tue 15 Jul 2003       145,984 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MSWEBCAP.DLL"
Tue  4 Mar 2003       141,952 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MULTIMGR.DLL"
Tue 30 Jan 2001        90,112 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MULTIQ.DLL"
Tue 15 Jul 2003        56,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\NAME.DLL"
Tue 15 Jul 2003        13,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\NPOFFICE.DLL"
Tue 15 Jul 2003       223,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OCLEAN.DLL"
Tue 15 Jul 2003        57,400 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OFFCLN.EXE"
Thu 31 Jul 2003       223,800 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OFFICE.DLL"
Thu 17 Mar 2005       284,352 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OIS.EXE"
Fri 25 Mar 2005       831,688 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OISAPP.DLL"
Thu 17 Mar 2005        35,528 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OISCTRL.DLL"
Tue 15 Jul 2003       242,240 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OISGRAPH.DLL"
Thu 31 Jul 2003        35,448 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OLCTLPIA.DLL"
Tue 15 Jul 2003       232,512 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OLKFSTUB.DLL"
Tue 15 Jul 2003     1,054,264 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OMFC.DLL"
Fri 25 Mar 2005        96,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OSA.EXE"
Thu 17 Mar 2005        25,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLACCT.DLL"
Tue 15 Jul 2003       102,968 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLCTL.DLL"
Tue  8 Jul 2003       115,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLFLTR.DLL"
Fri 22 Jul 2005     7,605,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLLIB.DLL"
Mon 25 Apr 2005        92,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLMIME.DLL"
Tue  5 Jul 2005       196,296 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLOOK.EXE"
Thu 17 Mar 2005       141,000 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLPH.DLL"
Thu 31 Jul 2003       408,176 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLPIA.DLL"
Thu 31 Mar 2005        64,200 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLRPC.DLL"
Thu 17 Mar 2005        44,744 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLVBS.DLL"
Tue 15 Jul 2003        49,208 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OUTLWAB.DLL"
Thu 31 Jul 2003       461,416 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OWC11PIA.DLL"
Fri 25 Mar 2005       641,736 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OWSCLT.DLL"
Tue 15 Jul 2003        72,248 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\OWSSUPP.DLL"
Wed 29 Jun 2005     6,146,760 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\POWERPNT.EXE"
Thu 31 Jul 2003       223,856 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PPTPIA.DLL"
Thu  7 Jul 2005     1,677,000 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PPTVIEW.EXE"
Tue 15 Jul 2003       112,704 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PROFLWIZ.EXE"
Thu 17 Mar 2005       130,752 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PRTF9.DLL"
Thu 17 Mar 2005       605,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PTXT9.DLL"
Thu 17 Mar 2005       555,720 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PUBCONV.DLL"
Mon 13 Jan 2003        39,504 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PUBENV.DLL"
Thu 31 Jul 2003       211,568 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PUBPIA.DLL"
Tue 15 Jul 2003        51,256 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\PUBTRAP.DLL"
Tue 15 Jul 2003        37,432 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\RECALL.DLL"
Fri  9 May 2003        77,824 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\REFEDIT.DLL"
Tue 15 Jul 2003        40,512 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\REFIEBAR.DLL"
Mon 21 Jul 2003       390,712 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\RTFHTML.DLL"
Tue 15 Jul 2003       211,512 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\SAEXT.DLL"
Tue 15 Jul 2003       349,248 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\SELFCERT.EXE"
Tue 15 Jul 2003        66,616 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\SENDTO.DLL"
Tue 15 Jul 2003        58,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\SEQCHK10.DLL"
Thu 17 Mar 2005       378,568 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\SETLANG.EXE"
Thu 17 Mar 2005       444,608 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\SOA.DLL"
Thu 17 Mar 2005     2,812,616 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\STSLIST.DLL"
Fri 25 Mar 2005       178,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\STSUPLD.DLL"
Tue 15 Jul 2003        72,256 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\UCSCRIBE.DLL"
Tue 15 Jul 2003        59,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\UNBIND.EXE"
Wed 30 Oct 2002       246,424 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\UNICOWS.DLL"
Thu 31 Jul 2003        64,088 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VBIDEPIA.DLL"
Wed  2 Apr 2003       111,632 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\WAVTOASF.EXE"
Mon 13 Jan 2003        92,752 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\WDBIMP.DLL"
Fri 22 Jul 2005    12,061,896 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\WINWORD.EXE"
Thu 31 Jul 2003       662,120 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\WORDPIA.DLL"
Fri 10 Dec 1999        32,768 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\XLCALL32.DLL"
Mon 16 Jun 2003       229,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\1033\WKGL70.DLL"
Mon 16 Jun 2003        12,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSWORKS\1033\WKIMGLNG.DLL"
Mon  9 Jul 2007       444,928 ...H. --- "C:\Documents and Settings\eloy04260\GaryStuff\Projects\Vodafone\MPS\production\~WRL3132.tmp"
Tue 10 Jul 2007     1,366,528 ...H. --- "C:\Documents and Settings\eloy04260\GaryStuff\Projects\Vodafone\MPS\production\~WRL3153.tmp"
Wed 12 Sep 2007       599,040 ...H. --- "C:\Documents and Settings\eloy04260\GaryStuff\Projects\Vodafone\MPS\production\~WRL3571.tmp"
Fri 18 Oct 2002         8,200 A..H. --- "C:\DRIVERS\admin\FILES\APPDATA\MS\OFFICE\DATA\OPA11.BAK"
Tue 31 Oct 2000        57,344 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\ENUT3S51.DLL"
Mon 31 Jul 2000        98,304 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\LHCOM01A.DLL"
Fri 24 Nov 2000       131,072 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\TTSCORE.DLL"
Fri 23 May 2003       764,536 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNF.DLL"
Fri 23 May 2003        45,130 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DBREP\WZCNFLCT.EXE"
Wed 19 Mar 2003       851,968 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DESIGN7\MSDDS.DLL"
Wed 19 Mar 2003       487,424 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DESIGN7\MSDDSF.DLL"
Wed 19 Mar 2003       335,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DESIGN7\MSDDSLM.DLL"
Wed 19 Mar 2003       499,712 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DESIGN7\MSVCP71.DLL"
Fri 21 Feb 2003       348,160 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DESIGN7\MSVCR71.DLL"
Fri 27 May 2005       631,488 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE"
Mon 10 Nov 2003        39,952 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DW\DWDCW20.DLL"
Mon 10 Nov 2003        34,832 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DW\DWTRIG20.EXE"
Mon 24 Mar 2003       543,304 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\EQUATION\EQNEDT32.EXE"
Tue 15 Jul 2003        25,144 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\EURO\MSOEURO.DLL"
Thu 20 Apr 2000       465,677 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INFORMAT\ITIRCL52.DLL"
Thu 20 Apr 2000       520,117 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INFORMAT\MSITSS.DLL"
Tue  6 Apr 2004     1,645,240 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\GDIPLUS.DLL"
Wed  7 Feb 2001     1,835,008 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\HWXUSA.DLL"
Tue 28 Jan 2003       257,536 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\INKDIV.DLL"
Wed 21 Aug 2002     1,133,056 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\INKOBJ.DLL"
Wed  7 Feb 2001       372,802 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\PENUSA.DLL"
Wed  7 Feb 2001       110,651 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\SKCHOBJ.DLL"
Wed  7 Feb 2001       364,607 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\SKCHUI.DLL"
Wed 21 Aug 2002        48,640 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\INK\TPCPS.DLL"
Thu 17 Mar 2005       231,616 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MSCDM\MSCDM.DLL"
Tue 15 Jul 2003       119,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MSINFO\OINFOP11.EXE"
Tue 15 Jul 2003        15,936 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MSINFO\OINFOS11.DLL"
Tue 15 Jul 2003       376,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MSORUN\MSORUN.DLL"
Tue 15 Jul 2003        17,464 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSMH.DLL"
Fri 22 Jul 2005    12,242,624 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSO.DLL"
Wed 26 Mar 2003        88,640 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOICONS.EXE"
Tue 15 Jul 2003        42,040 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOXEV.DLL"
Tue 15 Jul 2003        55,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOXMLED.EXE"
Tue 15 Jul 2003        39,488 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSOXMLMF.DLL"
Tue 15 Jul 2003        41,528 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSSH.DLL"
Fri  6 Dec 2002       497,664 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSSOAP30.DLL"
Wed 22 Sep 2004     1,290,240 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\MSXML5.DLL"
Tue 21 Sep 2004       965,400 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\RICHED20.DLL"
Tue 15 Jul 2003       117,304 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\UCS20.DLL"
Thu  5 Feb 2004       422,912 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\USP10.DLL"
Fri  6 Dec 2002        93,696 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\WISC30.DLL"
Fri 11 Jul 2003        42,576 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PORTAL\PORTALCN.DLL"
Fri  7 Jul 2000        49,152 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\CHAPI3T1.DLL"
Tue 15 Dec 1998        65,593 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\CSAPI3T1.DLL"
Mon 22 Nov 1999        45,121 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\CTAPI3T2.DLL"
Mon  5 Jan 2004       749,568 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSHY3ES.DLL"
Thu 28 Nov 2002       184,395 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSHY3FR.DLL"
Fri 31 Jul 1998        61,512 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSHYPH2.DLL"
Thu  5 Nov 1998       536,576 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSLID.DLL"
Wed  9 Apr 2003       827,392 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSSP3ES.DLL"
Sat 22 Jan 2005       542,208 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSSP3FR.DLL"
Sun 17 Feb 2002        86,016 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSSPELL3.DLL"
Thu 15 Jan 2004       802,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSTH3ES.DLL"
Wed 26 Jan 2005       364,627 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSTH3FR.DLL"
Mon  8 Jun 1998        49,152 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\MSTHES3.DLL"
Tue 15 Jul 2003       120,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\FDATE.DLL"
Tue 15 Jul 2003       124,984 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\FNAME.DLL"
Tue 15 Jul 2003       179,768 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\FPERSON.DLL"
Tue 15 Jul 2003       165,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\FPLACE.DLL"
Tue 15 Jul 2003       153,144 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\FSTOCK.DLL"
Thu 17 Mar 2005       161,984 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\IETAG.DLL"
Tue 15 Jul 2003       290,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\MOFL.DLL"
Tue 15 Jul 2003     1,054,264 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SNAPVIEW\OMFC.DLL"
Wed 16 Apr 2003        64,088 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SNAPVIEW\OMFCSAT.DLL"
Tue 15 Jul 2003        46,656 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SNAPVIEW\SNAPVIEW.EXE"
Fri 22 Nov 2002       696,320 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SPEECH\SAPI.DLL"
Mon 31 Mar 2003        43,576 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SPEECH\SAPISVR.EXE"
Mon 28 Jul 2003        89,136 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SRCENG\OSE.EXE"
Fri 25 Mar 2005       116,424 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TEXTCONV\MSCONV97.DLL"
Wed 16 Apr 2003        91,136 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TEXTCONV\MSLS2.DLL"
Mon 16 Jun 2003       872,521 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TEXTCONV\WKCVQD01.DLL"
Mon 16 Jun 2003       118,860 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TEXTCONV\WKCVQR01.DLL"
Mon 11 Oct 1999       131,072 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TEXTCONV\WPEQU532.DLL"
Tue 15 Jul 2003       124,480 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TRANSLAT\MSB1CORE.DLL"
Tue 15 Jul 2003        47,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TRANSLAT\MSB1XTOR.DLL"
Wed 23 Jul 2003       221,184 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TRANSLAT\WTSP61MS.DLL"
Wed 19 Mar 2003       499,712 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VDBTOOLS\MSVCP71.DLL"
Fri 21 Feb 2003       348,160 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VDBTOOLS\MSVCR71.DLL"
Wed 19 Mar 2003     3,198,976 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VDBTOOLS\VDT70.DLL"
Wed 19 Mar 2003       864,256 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VDBTOOLS\VDT70G.DLL"
Tue 16 Jan 2001        53,248 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\COLOADER.DLL"
Fri 20 Jun 2003       322,120 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\MDM.EXE"
Sat  5 Jan 2002       176,128 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\MSDBG2.DLL"
Sat  5 Jan 2002       180,224 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\PDM.DLL"
Fri 20 Jun 2003       162,400 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\VS7JIT.EXE"
Fri 11 Jul 2003     1,292,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBFLDRS\MSONSEXT.DLL"
Tue 15 Jul 2003        35,896 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBFLDRS\MSOSV.DLL"
Fri 11 Jul 2003        80,448 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBFLDRS\PKMWS.DLL"
Fri 27 Jun 2003        77,824 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SPEECH\MS\SPCOMMON.DLL"
Fri 11 Jul 2003       842,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSDAIPP.DLL"
Fri 11 Jul 2003       160,320 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSDAPML.DLL"
Wed  4 May 2005       465,640 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSDMENG.DLL"
Wed  4 May 2005     1,411,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSDMINE.DLL"
Wed  4 May 2005       240,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSMDCB80.DLL"
Wed  4 May 2005     1,071,856 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSMDGD80.DLL"
Wed  4 May 2005       199,408 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSMDUN80.DLL"
Wed  4 May 2005     2,120,448 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSOLAP80.DLL"
Wed  4 May 2005       228,152 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\OLEDB\MSOLUI80.DLL"
Thu 11 Jan 2001        12,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\MEDIA\CAGCAT10\CAGCAT10.DLL"
Thu 11 Jan 2001        12,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\MEDIA\OFFICE11\OFFICE10.DLL"
Fri 25 Mar 2005       367,304 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\ACWIZRC.DLL"
Tue  5 Jul 2005        35,528 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\ADDRPRSR.DLL"
Tue 15 Jul 2003        13,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\CERTINTL.DLL"
Mon  3 Mar 2003        39,544 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\EEFINTL.DLL"
Tue 15 Jul 2003        20,032 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\ENVELOPR.DLL"
Tue 15 Jul 2003        13,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\EXPTOOWS.DLL"
Tue 15 Jul 2003       145,984 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\GRINTL32.DLL"
Mon  3 Mar 2003        31,352 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\HTMMINTL.DLL"
Mon  3 Mar 2003        27,256 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\HTMQINTL.DLL"
Thu 17 Mar 2005     1,013,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\INFINTL.DLL"
Tue 15 Jul 2003        12,864 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MODHLPUI.DLL"
Tue 15 Jul 2003       473,656 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MOR6INT.DLL"
Thu 17 Mar 2005       440,008 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MORPH9.DLL"
Tue  5 Jul 2005       589,504 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSAIN.DLL"
Fri 13 Jun 2003       219,520 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSCAL32.DLL"
Tue 15 Jul 2003        60,472 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSEINTL.DLL"
Tue 15 Jul 2003        31,296 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSOAUTUI.DLL"
Thu 17 Mar 2005        89,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSOHELP.EXE"
Mon 30 Oct 2000       110,592 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSOWCWI.DLL"
Tue  9 Mar 1999        74,000 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSRCLR40.DLL"
Wed 16 Aug 2000        28,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSRECR40.DLL"
Fri 13 Jun 2003       189,312 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSSCD32.DLL"
Fri 13 Jun 2003     1,750,904 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSSPC32.DLL"
Tue 15 Jul 2003       143,416 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSTINTL.DLL"
Fri 13 Jun 2003        44,952 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSTRE32.DLL"
Tue 23 Jan 2001       229,444 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSUSPINT.DLL"
Tue 15 Jul 2003        10,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\MSWBCLNG.DLL"
Tue 15 Jul 2003       109,120 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\OBALLOON.DLL"
Tue 15 Jul 2003       121,400 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\OCLTINT.DLL"
Thu 17 Mar 2005       130,760 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\OISINTL.DLL"
Wed 16 Apr 2003        64,088 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\OMFCSAT.DLL"
Tue  5 Jul 2005     3,057,864 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\OUTLLIBR.DLL"
Tue  5 Jul 2005       275,144 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\OUTLWVW.DLL"
Tue 15 Jul 2003        41,008 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\PNG.DLL"
Sat  5 Aug 2000       307,200 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\POCE98.DLL"
Mon 11 Sep 2000        32,768 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\POCELANG.DLL"
Tue  5 Jul 2005       490,184 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\PPINTL.DLL"
Thu 17 Mar 2005       128,712 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\PPVWINTL.DLL"
Thu 17 Mar 2005     1,514,184 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\PUB6INTL.DLL"
Tue 15 Jul 2003        96,832 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\QRYINT32.DLL"
Fri  4 Apr 2003       190,848 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\SCHDPL32.EXE"
Tue  5 Jul 2005       138,952 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\SLINTL.DLL"
Thu  1 May 2003     1,178,272 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\SRINTL.DLL"
Tue 15 Jul 2003       133,696 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\STSLISTI.DLL"
Tue 15 Jul 2003        15,424 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\STSUCRES.DLL"
Tue 15 Jul 2003        13,376 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\UNBIND10.DLL"
Tue 15 Jul 2003        55,864 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\UNPACK.EXE"
Thu 21 Dec 2000        61,440 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\WWASUM.DLL"
Tue  5 Jul 2005       771,784 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\WWINTL.DLL"
Tue  5 Jul 2005       707,784 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\XLINTL32.DLL"
Tue 15 Jul 2003       154,176 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1033\XLSLICER.DLL"
Tue 19 Dec 2000       147,456 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\1036\WWASUM.DLL"
Tue 12 Jan 1999       548,920 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\3082\WWASUM.DLL"
Thu 10 Jul 2003         7,168 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ADDINS\MSOSEC.DLL"
Tue 18 Mar 2003       344,064 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ADDINS\MSVCR71.DLL"
Thu 10 Jul 2003        77,824 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ADDINS\OTKLOADR.DLL"
Thu 24 Jul 2003        45,112 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\ADDINS\OUTLVBA.DLL"
Thu 17 Mar 2005        74,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\CONVERT\RM.DLL"
Fri 27 May 2005       100,552 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\CONVERT\TRANSMGR.DLL"
Tue 15 Jul 2003        15,928 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\MIGRATE\MIGRATE.DLL"
Thu 15 Jan 2004        88,776 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\temp\IPXMLPIA.DLL"
Wed 29 Nov 2000        64,512 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\ATL70.DLL"
Mon 29 Jan 2001        36,864 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\CMDDEF.DLL"
Tue 16 Jan 2001       106,496 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\COMPSVCS.DLL"
Wed 24 Jan 2001       200,704 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\CSSPKG.DLL"
Thu 18 Jan 2001       126,976 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\HTMDLGS.DLL"
Tue 24 Jun 2003       909,312 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\HTMED.DLL"
Thu  5 Jun 2003     3,035,136 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\MSENV.DLL"
Sat  5 Jan 2002       487,424 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\MSVCP70.DLL"
Sat  5 Jan 2002       344,064 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\MSVCR70.DLL"
Mon 29 Jan 2001       122,880 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\SCRIPTLE.DLL"
Tue 16 Jan 2001       143,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\SDM2.DLL"
Thu 18 Jan 2001       311,296 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\TRIDSN.DLL"
Fri 26 Jan 2001       212,992 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\VSBROWSE.DLL"
Mon 20 May 2002       589,824 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\VSDEBUG.DLL"
Wed 31 Jan 2001       224,256 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\VSTLBINF.DLL"
Tue 16 Jan 2001       356,352 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\VSTMCR.DLL"
Thu 17 Mar 2005       431,304 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\XLATORS\PP4X322.DLL"
Tue 15 Jul 2003        93,752 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\XLATORS\PP7X32.DLL"
Thu 11 May 2000       397,312 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\REDIST\MS\SYSTEM\MSRDO20.DLL"
Mon  3 Apr 2000       151,552 A..H. --- "C:\DRIVERS\admin\FILES\SYSTEM\REDIST\MS\SYSTEM\RDOCURS.DLL"
Tue 15 Jul 2003       109,120 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DW\1033\DWINTL20.DLL"
Mon  3 Mar 2003        64,096 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\EQUATION\1033\EEINTL.DLL"
Mon  7 Oct 2002        61,440 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\BINDER.DLL"
Mon  7 Oct 2002       192,573 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\FORM.DLL"
Wed 18 Jun 2003       252,928 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MDIINK.DLL"
Fri 10 Jun 2005       444,416 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MDIVWCTL.DLL"
Tue 18 May 2004     1,035,264 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPCORE.DLL"
Wed 18 Jun 2003       788,480 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPFILT.DLL"
Wed 18 Jun 2003        16,384 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPGIMME.DLL"
Thu 19 Jun 2003        57,448 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPOCRDC.EXE"
Thu 19 Jun 2003       128,104 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPSCAN.EXE"
Thu 19 Jun 2003       364,648 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\MSPVIEW.EXE"
Wed 18 Jun 2003         6,144 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\OCRPS.DLL"
Mon  7 Oct 2002       167,997 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\PSOM.DLL"
Mon  7 Oct 2002        81,984 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\REVERSE.DLL"
Mon  7 Oct 2002       106,561 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\THOCRAPI.DLL"
Mon  7 Oct 2002       241,729 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWCUTCHR.DLL"
Mon  7 Oct 2002       180,289 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWCUTLIN.DLL"
Mon  7 Oct 2002       147,520 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWLAY32.DLL"
Mon  7 Oct 2002       102,467 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWORIENT.DLL"
Sat 17 Aug 2002       106,559 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWRECC.DLL"
Mon  7 Oct 2002       118,847 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWRECE.DLL"
Mon  7 Oct 2002        81,983 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWRECS.DLL"
Mon  7 Oct 2002       221,252 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\TWSTRUCT.DLL"
Mon  7 Oct 2002     1,794,113 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\XIMAGE3B.DLL"
Wed 30 Apr 2003     1,581,120 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\XPAGE3C.DLL"
Tue  5 Jul 2005       149,192 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\1033\ALRTINTL.DLL"
Mon 28 Jul 2003        56,888 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\1033\LCCWIZ.DLL"
Tue  5 Jul 2005     1,751,240 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\1033\MSOINTL.DLL"
Fri  6 Dec 2002        30,208 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\1033\MSSOAPR3.DLL"
Fri 16 May 2003        84,480 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\OFFICE11\1033\MSXML5R.DLL"
Tue  5 Oct 2004     3,166,208 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\1033\MSGR3EN.DLL"
Sun 20 Jun 2004     6,215,168 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\1036\MSGR3FR.DLL"
Sat  4 Nov 2000     1,093,632 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\PROOF\3082\MSGR3ES.DLL"
Tue 15 Jul 2003        17,976 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SMARTTAG\1033\STINTL.DLL"
Fri 27 Jun 2003        61,440 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\SPEECH\1033\SPCPLUI.DLL"
Tue 10 Oct 2000        65,536 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TRANSLAT\ESEN\MSB1ESEN.DLL"
Tue 10 Oct 2000        65,536 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\TRANSLAT\FREN\MSB1FREN.DLL"
Wed 26 Aug 1998       466,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VBA\VBA6\VBACV10.DLL"
Wed 26 Aug 1998       471,040 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VBA\VBA6\VBACV10D.DLL"
Wed 26 Aug 1998     1,044,480 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VBA\VBA6\VBACV20.DLL"
Tue 25 May 2004     2,482,176 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VBA\VBA6\VBE6.DLL"
Wed 19 Mar 2003       180,224 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VDBTOOLS\1033\VDT70UI.DLL"
Sat  5 Jan 2002        24,576 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VS7DEBUG\1033\MDMUI.DLL"
Fri  3 Jun 2005     7,252,672 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\10\OWC10.DLL"
Tue 15 Jul 2003       141,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\11\ATP.DLL"
Tue 19 Apr 2005        47,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\11\DFUICOM.EXE"
Tue 15 Jul 2003        14,400 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\11\DFUIPRXY.DLL"
Mon 25 Apr 2005     8,071,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\11\OWC11.DLL"
Tue 15 Jul 2003        10,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBFLDRS\1033\MSOSVINT.DLL"
Fri 11 Jul 2003        42,568 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBFLDRS\1033\NSEXTINT.DLL"
Fri 27 Jun 2003       847,872 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SPEECH\MS\SR61\SPSRENG.DLL"
Fri 27 Jun 2003     1,134,592 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SPEECH\MS\SR61\SPSRX.DLL"
Tue 15 Jul 2003        12,352 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\BJABLR32.DLL"
Wed 16 Mar 2005       728,064 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\CDO.DLL"
Tue 15 Jul 2003       129,088 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\CNFNOT32.EXE"
Thu 17 Mar 2005       116,424 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\CONTAB32.DLL"
Thu 17 Mar 2005        31,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\DUMPSTER.DLL"
Thu 17 Mar 2005       106,696 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\EMABLT32.DLL"
Thu 17 Mar 2005       264,392 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\EMSABP32.DLL"
Mon 25 Apr 2005       704,712 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\EMSMDB32.DLL"
Mon 25 Apr 2005       132,296 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\EMSUI32.DLL"
Fri 13 Jun 2003       120,216 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\ESCONF.DLL"
Tue 10 Dec 2002        80,472 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\GAPI32.DLL"
Tue 10 Dec 2002       137,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\MAPI32.DLL"
Thu 17 Mar 2005       778,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\MAPIR.DLL"
Thu  7 Jul 2005     1,414,344 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\MSMAPI32.DLL"
Thu  7 Jul 2005       723,656 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\MSPST32.DLL"
Mon 25 Apr 2005       653,504 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\OUTEX.DLL"
Thu 17 Mar 2005       279,240 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\PSTPRX32.DLL"
Tue  5 Jul 2005        51,912 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\SCANOST.EXE"
Tue  5 Jul 2005        42,696 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\SCANPST.EXE"
Mon 25 Apr 2005       232,648 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\SCNPST32.DLL"
Mon 25 Apr 2005       241,352 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\SCNPST64.DLL"
Fri 13 Jun 2003        66,944 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SYSTEM\MSMAPI\1033\SCRPTXTN.DLL"
Thu 11 Jan 2001        12,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\MEDIA\OFFICE11\AUTOSHAP\AUTOSHAP.DLL"
Thu 11 Jan 2001        12,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\MEDIA\OFFICE11\BULLETS\BULLETS.DLL"
Thu 11 Jan 2001        12,288 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\MEDIA\OFFICE11\LINES\LINES.DLL"
Tue 15 Jul 2003        33,848 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\CONVERT\1033\LOCALDV.DLL"
Tue 15 Jul 2003        14,912 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\CONVERT\1033\TRANSMRR.DLL"
Tue 15 Jul 2003        84,544 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\LIBRARY\SOLVER\SOLVER32.DLL"
Tue 16 Jan 2001       192,512 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\CMDDEFUI.DLL"
Tue 16 Jan 2001         8,704 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\COMPSVCS.DLL"
Tue 16 Jan 2001        40,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\CSSPKGUI.DLL"
Tue 16 Jan 2001        22,528 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\HTMDLGSU.DLL"
Tue 16 Jan 2001       143,360 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\HTMEDUI.DLL"
Fri 26 Jan 2001        16,384 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\MSDBGUI.DLL"
Tue 16 Jan 2001       204,800 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\MSENVUI.DLL"
Thu 22 Aug 2002        32,768 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\VSBROWSU.DLL"
Tue 16 Jan 2001        86,016 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\VSDEBUGU.DLL"
Tue 16 Jan 2001        12,800 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\1033\VSTMCRUI.DLL"
Wed 29 Nov 2000        77,824 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\MSOFFICE\OFFICE11\VSRUN\ANSI\ATL70.DLL"
Wed 19 Mar 2003        24,576 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\DESIGN7\RESOURCE\1033\MSDDSUI.DLL"
Wed 18 Jun 2003         5,120 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\1033\MSPFLTRS.DLL"
Mon 26 Jan 2004       243,200 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\1033\MSPLCRES.DLL"
Mon 22 Mar 2004       765,680 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\DRIVERS\MDIGRAPH.DLL"
Mon 22 Mar 2004        24,816 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\DRIVERS\MDIMON.DLL"
Mon 22 Mar 2004        25,840 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\DRIVERS\MDIPPR.DLL"
Mon 22 Mar 2004        42,224 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\MODI\11.0\DRIVERS\MDIUI.DLL"
Fri 25 Oct 2002       159,744 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\VBA\VBA6\1033\VBE6INTL.DLL"
Fri  3 Jun 2005       506,568 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\10\1033\OWCI10.DLL"
Tue  5 Jul 2005       539,336 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBCOMPS\11\1033\OWCI11.DLL"
Tue 15 Jul 2003        87,104 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBSRVEX\60\BIN\FPENCODE.DLL"
Tue  5 Jul 2005     1,160,904 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBSRVEX\60\BIN\FPSRVUTL.DLL"
Fri 25 Mar 2005       800,960 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\MSSHARED\WEBSRVEX\60\BIN\FPWEC.DLL"
Fri 27 Jun 2003       126,976 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SPEECH\MS\SR61\1033\ITNGRAM.DLL"
Fri 27 Jun 2003        81,920 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\SPEECH\MS\SR61\1033\SPSRXUI.DLL"
Tue  7 Nov 2000       561,152 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\1033\TTS\TTS3000\ENUT11F1.DLL"
Tue  7 Nov 2000       573,440 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\1033\TTS\TTS3000\ENUT11M1.DLL"
Tue 14 Nov 2000       348,160 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\1033\TTS\TTS3000\ENUTEMPP.DLL"
Wed  8 Nov 2000       827,392 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\1033\TTS\TTS3000\ENUTG2P.DLL"
Tue  7 Nov 2000       139,264 A..H. --- "C:\DRIVERS\admin\FILES\PFILES\COMMON\L&H\SPEECH\1033\TTS\TTS3000\ENUTSTPP.DLL"
[b]Finished![/b]










Back to Top
 
New Topic Post reply to : Explorer corrupt? Printable version of : Explorer corrupt?
 
Forum Information
Currently it is Wednesday, April 16, 2014 7:17 PM (GMT +3)
There are a total of 60,348 posts in 13,271 threads.
In the last 3 days there were 0 new threads and 11 reply posts. View Active Threads
Who's Online
This forum has 35756 registered members. Please welcome our newest member, MNH.
1 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Computer running snail slow, virus maybe (26)4/16/2014 3:12:05 PM (KMB1999)
Google Redirect - trouble removing it (9)4/15/2014 9:42:12 PM (Sha2009)
Bullguard 2014 Internet Security: Firewall blocks internet connection at startup (5)4/15/2014 4:09:10 PM (wafu)
Mouse Driver loading too slow (Windows 7 Dell 17R N7110) (4)4/14/2014 9:15:45 PM (J Moore)
Toolbars. Adware/Spyware/Malware? (2)4/14/2014 10:23:09 AM (Joan Brown)