Solved Java not working, cannot access Windows Update

DugE · 2008/12/11

[Resolved] Java not working, cannot access Windows Update

I think my son downloaded a game that contained a virus but I cannot find it.
The game was Fish Tycoon from shockwave.com. After he played it ( trial version, only lasted an hour ) I uninstalled it. I soon found that I couldn't play a java game that I had been playing here and there for years. The site wouldn't allow signed permissions, only unsigned. I thought it strange since it never happened before. Then I noticed that I couldn't access Windows Update and that has never happened before.

Using HijackThis, I found nothing that I thought to be conflicting, but new stuff on board and really not sure. I did find a folder in Windows called 12schemas and I never saw that before. I searched it and got a lot of blah blah on schemas I didn't understand and one responce was in connection to a virus. I used HijackThis, CCleaner, search, regedit, and Viper antivirus/spyware for my search. Usually, these are all I need to clean any infection I get. Until now. I deleted the 12schemas in Windows but nothing was found in the registry. Rebooted. 12schemas gone but no changes were made to java and Wupdate.

Attached are the two files from rsit.

info.txt logfile of random's system information tool 1.04 2008-12-10 20:33:58

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
AT&T Internet Security Wizard 1.5.11--> "C:\Program Files\AT&T\Internet Security Wizard\unins000.exe "
BellSouth Application Management-->C:\WINDOWS\Motive\BellSouth\UninstallAppManagement.exe
CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
FreeZip-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\freezip.inf,Uninstall
HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Gart Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA Gart Driver
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Secunia PSI (RC4)--> "C:\Program Files\Secunia\PSI (RC4)\uninstall.exe "
Security Update for Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
SpywareBlaster 4.1--> "C:\Program Files\SpywareBlaster\unins000.exe "
toolkit-->c:\Windows\HPTK\unhptkit.exe
Update for Windows XP (KB898461)--> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
Updates from HP-->C:\WINDOWS\BWUnin-6.2.3.66.exe -AppId 137903
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

=====HijackThis Backups=====

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Sunbelt VIPRE
FW: ZoneAlarm Firewall (disabled)

======Environment variables======

"ComSpec "=%SystemRoot%\system32\cmd.exe
"windir "=%SystemRoot%
"OS "=Windows_NT
"PROCESSOR_ARCHITECTURE "=x86
"PROCESSOR_LEVEL "=15
"PROCESSOR_IDENTIFIER "=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION "=0209
"NUMBER_OF_PROCESSORS "=1
"PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP "=%SystemRoot%\TEMP
"TMP "=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK "=NO
"tvdumpflags "=8

-----------------EOF-----------------
--------------------------------------
--------------------------------------
--------------------------------------

Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-12-10 20:33:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 60 GB (86%) free of 69 GB
Total RAM: 247 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:33:52 PM, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\ps2.exe
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://pbells.broadjump.com/wizlet/iw60/launch.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ISW.exe] "C:\Program Files\AT&T\Internet Security Wizard\ISW.exe" /AUTORUN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1228958232656
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 3314 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv "=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HotKeysCmds "=C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
"Recguard "=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
"NvCplDaemon "=C:\WINDOWS\System32\NvCpl.dll [2003-05-03 4640768]
"AlcxMonitor "=ALCXMNTR.EXE []
"PS2 "=C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
"ISW.exe "=C:\Program Files\AT&T\Internet Security Wizard\ISW.exe [2007-05-03 2061816]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"ZoneAlarm Client "=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
"SBAMTray "=C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe [2008-10-28 955688]
"SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-10 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIEW "=C:\WINDOWS\System32\nview.dll [2003-05-03 835654]
"ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupNotify]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\System32\igfxsrvc.dll [2003-04-07 315392]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe "= "C:\WINDOWS\system32\sessmgr.exe:*isabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

======List of files/folders created in the last 3 months======

2008-12-10 20:33:27 ----D---- C:\rsit
2008-12-10 20:14:25 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-10 20:14:25 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-10 20:14:25 ----A---- C:\WINDOWS\system32\java.exe
2008-12-06 20:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\Sunbelt
2008-12-06 20:00:55 ----D---- C:\Documents and Settings\Owner\Application Data\Sunbelt
2008-12-06 19:57:41 ----D---- C:\Program Files\Sunbelt Software
2008-12-06 15:00:12 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-12-05 15:31:05 ----D---- C:\Documents and Settings\All Users\Application Data\GoBit Games
2008-11-21 17:27:08 ----D---- C:\Program Files\Common Files\Adobe
2008-11-21 17:27:08 ----D---- C:\Program Files\Adobe
2008-11-21 16:58:58 ----D---- C:\Program Files\Secunia
2008-11-21 16:45:29 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-17 17:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-17 17:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-17 17:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-17 17:33:10 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-14 22:24:21 ----D---- C:\Program Files\CCleaner
2008-11-01 13:05:53 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-11-01 13:05:35 ----D---- C:\Program Files\Mozilla Firefox
2008-11-01 13:03:57 ----D---- C:\Program Files\RegSeeker
2008-11-01 12:57:29 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-01 12:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-01 12:53:35 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-01 12:53:19 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2008-11-01 12:53:17 ----D---- C:\Program Files\SpywareBlaster
2008-11-01 12:45:30 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-01 12:40:30 ----D---- C:\Program Files\Trend Micro
2008-11-01 12:38:23 ----D---- C:\WINDOWS\system32\unknown
2008-11-01 12:16:57 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2008-11-01 10:42:59 ----D---- C:\Tools
2008-11-01 10:42:47 ----D---- C:\UnZipped
2008-11-01 10:42:37 ----D---- C:\Downloads
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-11-01 10:35:54 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-11-01 10:35:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-01 10:35:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-11-01 10:35:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-11-01 10:35:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-01 10:35:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-11-01 10:35:51 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-01 10:35:50 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-11-01 10:35:50 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-01 10:35:49 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-11-01 10:35:49 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-11-01 10:35:48 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-11-01 10:35:47 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-01 10:35:45 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-11-01 10:35:44 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-11-01 10:35:44 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-11-01 10:35:43 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-11-01 10:35:42 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-11-01 10:35:40 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-11-01 10:35:40 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-11-01 10:35:39 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-11-01 10:35:39 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-11-01 10:35:38 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-11-01 10:35:38 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-11-01 10:35:37 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-11-01 10:35:27 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-11-01 10:35:27 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-11-01 10:35:17 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-11-01 10:35:16 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-11-01 10:35:15 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-11-01 10:35:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-11-01 10:35:13 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-11-01 10:35:13 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-11-01 10:35:12 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-11-01 10:35:12 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-11-01 10:35:11 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-11-01 10:35:11 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-11-01 10:35:10 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-11-01 10:35:10 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-11-01 10:35:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-11-01 10:35:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-11-01 10:35:08 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-11-01 10:35:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-11-01 10:35:07 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-11-01 10:35:06 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-11-01 10:35:04 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-11-01 10:27:48 ----HD---- C:\WINDOWS\msdownld.tmp
2008-11-01 10:27:26 ----D---- C:\WINDOWS\Logs
2008-11-01 10:20:30 ----D---- C:\WINDOWS\Sun
2008-11-01 10:19:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-01 10:16:30 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2008-11-01 09:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-01 09:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-01 09:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-01 09:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-01 09:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-01 09:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-01 08:59:00 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-01 08:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-01 08:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-01 08:58:35 ----D---- C:\WINDOWS\ie7updates
2008-11-01 08:47:23 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-01 08:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-01 08:41:07 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-01 08:41:07 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-01 08:41:06 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-01 08:41:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-10-31 20:50:35 ----D---- C:\WINDOWS\WBEM
2008-10-31 20:49:05 ----HDC---- C:\WINDOWS\ie7
2008-10-31 20:48:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-10-31 20:48:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-10-31 20:10:31 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-10-31 20:10:16 ----A---- C:\WINDOWS\zllsputility.exe
2008-10-31 20:10:15 ----A---- C:\WINDOWS\system32\SpOrder.dll
2008-10-31 20:09:37 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-10-31 20:09:37 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-10-31 20:09:35 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-10-31 20:09:35 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-10-31 20:09:30 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-10-31 20:09:29 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-10-31 20:09:29 ----D---- C:\Program Files\Zone Labs
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-10-31 19:52:07 ----A---- C:\WINDOWS\system32\MCCDevice.dll
2008-10-31 19:52:07 ----A---- C:\WINDOWS\system32\MCC16.dll
2008-10-31 19:52:03 ----D---- C:\Program Files\Common Files\Motive
2008-10-31 19:26:34 ----D---- C:\WINDOWS\system32\NtmsData
2008-10-31 19:24:59 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2008-10-31 19:24:59 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\wmdmps.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\mswmdm.dll
2008-10-31 19:19:39 ----D---- C:\WINDOWS\pss
2008-10-31 19:17:24 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-10-31 19:16:52 ----D---- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
2008-10-31 19:14:10 ----D---- C:\Documents and Settings\Owner\Application Data\AT&T
2008-10-31 19:14:05 ----D---- C:\Program Files\AT&T
2008-10-31 19:14:05 ----D---- C:\Documents and Settings\All Users\Application Data\AT&T
2008-10-31 19:11:04 ----D---- C:\WINDOWS\Motive
2008-10-31 19:10:50 ----D---- C:\Program Files\BellSouth Application Management
2008-10-31 19:10:45 ----D---- C:\Program Files\BellSouth
2008-10-31 18:43:52 ----D---- C:\WINDOWS\Internet Logs
2008-10-31 18:37:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-10-31 17:48:23 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-10-31 17:04:41 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-31 17:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-31 17:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-10-31 17:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-31 17:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-31 17:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-10-31 17:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-31 17:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-31 17:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-31 17:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-31 16:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-10-31 16:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-31 16:58:17 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-31 16:25:08 ----D---- C:\WINDOWS\Prefetch
2008-10-31 16:23:58 ----RSHD---- C:\cmdcons
2008-10-31 16:23:08 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\rpcss.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\ole32.dll
2008-10-31 16:18:57 ----A---- C:\WINDOWS\system32\iAlmcoin.dll
2008-10-31 16:18:34 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-31 16:18:34 ----A---- C:\WINDOWS\system32\msxml6.dll
2008-10-31 16:18:17 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-10-31 16:18:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-31 16:18:16 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-10-31 16:18:07 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-10-31 16:18:07 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-10-31 16:18:07 ----D---- C:\WINDOWS\system32\en-us
2008-10-31 16:18:06 ----D---- C:\WINDOWS\system32\scripting
2008-10-31 16:18:04 ----D---- C:\WINDOWS\system32\en
2008-10-31 16:18:04 ----D---- C:\WINDOWS\system32\bits
2008-10-31 16:14:24 ----A---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2008-10-31 16:13:27 ----D---- C:\WINDOWS\network diagnostic
2008-10-31 15:49:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-31 15:45:33 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-31 15:40:02 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-10-31 15:39:05 ----N---- C:\WINDOWS\system32\logman.exe
2008-10-31 15:39:04 ----N---- C:\WINDOWS\system32\proxycfg.exe
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\auditusr.exe
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\btpanui.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bthserv.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bthci.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\blastcln.exe
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\ieencode.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\httpapi.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fwcfg.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fsquirt.exe
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fltmc.exe
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fltlib.dll
2008-10-31 15:38:50 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdno1.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinben.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\kbdukx.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2008-10-31 15:38:46 ----N---- C:\WINDOWS\system32\msdadiag.dll
2008-10-31 15:38:43 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\powercfg.exe
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2psvc.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2p.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\winshfhc.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\w3ssl.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\twext.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\strmfilt.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\smbinst.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2008-10-31 15:38:38 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2008-10-31 15:38:38 ----N---- C:\WINDOWS\system32\wshbth.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xpob2res.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xmlprov.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\slrundll.exe
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-31 15:38:34 ----D---- C:\WINDOWS\peernet
2008-10-31 15:38:33 ----D---- C:\WINDOWS\provisioning
2008-10-31 15:36:37 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-31 15:34:27 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2008-10-31 15:32:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-10-31 15:30:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-31 15:30:29 ----D---- C:\WINDOWS\EHome
2008-10-30 23:14:10 ----SHD---- C:\RECYCLER
2008-10-30 23:12:26 ----RASH---- C:\BOOT.BAK
2008-10-30 23:12:16 ----A---- C:\WINDOWS\UPGRADE.TXT
2008-10-30 23:12:12 ----D---- C:\WINDOWS\setup.pss
2008-10-30 23:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB824146$
2008-10-30 23:08:28 ----D---- C:\Program Files\Java
2008-10-30 23:06:51 ----HDC---- C:\WINDOWS\$NtUninstallQ331958$
2008-10-30 23:06:41 ----HDC---- C:\WINDOWS\$NtUninstallQ329909$
2008-10-30 23:06:32 ----HDC---- C:\WINDOWS\$NtUninstallq329256$
2008-10-30 23:06:23 ----HDC---- C:\WINDOWS\$NtUninstallQ327979$
2008-10-30 23:06:12 ----HDC---- C:\WINDOWS\$NtUninstallQ811789$
2008-10-30 23:02:44 ----SHD---- C:\System Volume Information
2008-10-30 22:51:42 ----D---- C:\I386
2008-10-30 22:41:30 ----RD---- C:\Program Files
2008-10-30 22:41:15 ----RSD---- C:\WINDOWS\assembly
2008-10-30 22:41:04 ----RD---- C:\WINDOWS\Offline Web Pages
2008-10-28 16:28:12 ----A---- C:\WINDOWS\system32\sbbd.exe

======List of files/folders modified in the last 3 months======

2008-12-10 20:59:20 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-10 20:17:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-10 20:17:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-10 20:14:56 ----SHD---- C:\WINDOWS\Installer
2008-12-10 20:14:29 ----D---- C:\WINDOWS\system32
2008-12-10 20:13:29 ----D---- C:\WINDOWS
2008-12-10 20:03:08 ----D---- C:\WINDOWS\Temp
2008-12-06 20:45:58 ----HD---- C:\WINDOWS\inf
2008-12-06 20:45:58 ----D---- C:\WINDOWS\PCHealth
2008-12-06 20:44:43 ----D---- C:\Program Files\Common Files
2008-12-06 20:44:37 ----D---- C:\WINDOWS\system32\drivers
2008-12-06 20:01:59 ----SD---- C:\WINDOWS\Tasks
2008-12-06 14:57:47 ----D---- C:\WINDOWS\WinSxS
2008-11-22 13:12:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-22 13:12:52 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-22 10:40:23 ----RASH---- C:\boot.ini
2008-11-22 10:40:22 ----A---- C:\WINDOWS\win.ini
2008-11-22 10:40:22 ----A---- C:\WINDOWS\system.ini
2008-11-19 10:08:23 ----D---- C:\WINDOWS\Debug
2008-11-17 17:33:17 ----D---- C:\WINDOWS\Help
2008-11-13 13:00:05 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2008-11-04 14:57:24 ----D---- C:\Documents and Settings\Owner\Application Data\Sonic
2008-11-02 09:06:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-01 11:47:36 ----D---- C:\Program Files\Messenger
2008-11-01 10:35:59 ----D---- C:\WINDOWS\system32\DirectX
2008-11-01 09:03:42 ----D---- C:\Program Files\Internet Explorer
2008-10-31 20:50:43 ----D---- C:\WINDOWS\system32\config
2008-10-31 20:50:26 ----D---- C:\WINDOWS\Media
2008-10-31 19:52:56 ----D---- C:\Documents and Settings\Owner\Application Data\interMute
2008-10-31 19:46:46 ----D---- C:\Program Files\Common Files\Real
2008-10-31 19:26:52 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-31 19:26:31 ----D---- C:\Program Files\Hewlett-Packard
2008-10-31 19:25:05 ----D---- C:\Program Files\Windows Media Player
2008-10-31 19:24:23 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-31 19:16:23 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-31 19:11:14 ----D---- C:\Documents and Settings\All Users\Application Data\Motive
2008-10-31 19:09:49 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-10-31 17:16:35 ----D---- C:\WINDOWS\system32\URTTemp
2008-10-31 17:16:22 ----D---- C:\WINDOWS\Registration
2008-10-31 17:13:00 ----HD---- C:\hp
2008-10-31 17:00:48 ----D---- C:\Program Files\HP
2008-10-31 16:24:38 ----D---- C:\WINDOWS\system32\Setup
2008-10-31 16:24:38 ----D---- C:\WINDOWS\AppPatch
2008-10-31 16:24:37 ----D---- C:\WINDOWS\system32\wbem
2008-10-31 16:24:36 ----RSD---- C:\WINDOWS\Fonts
2008-10-31 16:24:05 ----D---- C:\WINDOWS\security
2008-10-31 16:22:56 ----D---- C:\WINDOWS\system32\FxsTmp
2008-10-31 16:18:19 ----D---- C:\WINDOWS\ime
2008-10-31 16:18:07 ----D---- C:\WINDOWS\system32\usmt
2008-10-31 16:18:03 ----D---- C:\Program Files\Movie Maker
2008-10-31 16:15:22 ----D---- C:\WINDOWS\system32\Restore
2008-10-31 16:15:22 ----D---- C:\WINDOWS\system32\npp
2008-10-31 16:15:20 ----D---- C:\WINDOWS\msagent
2008-10-31 16:15:19 ----D---- C:\WINDOWS\srchasst
2008-10-31 16:15:19 ----D---- C:\Program Files\NetMeeting
2008-10-31 16:15:18 ----D---- C:\WINDOWS\system32\Com
2008-10-31 16:15:15 ----D---- C:\Program Files\Windows NT
2008-10-31 16:15:15 ----D---- C:\Program Files\Outlook Express
2008-10-31 16:15:11 ----D---- C:\Program Files\Common Files\System
2008-10-31 16:14:55 ----D---- C:\WINDOWS\system32\oobe
2008-10-31 16:14:53 ----D---- C:\WINDOWS\system
2008-10-31 16:11:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-31 16:09:50 ----D---- C:\WINDOWS\MSBN
2008-10-31 16:03:12 ----D---- C:\WINDOWS\system32\ras
2008-10-31 16:02:57 ----D---- C:\WINDOWS\system32\icsxml
2008-10-31 16:02:57 ----D---- C:\WINDOWS\system32\ias
2008-10-31 16:02:00 ----D---- C:\WINDOWS\addins
2008-10-31 16:01:49 ----D---- C:\WINDOWS\Cursors
2008-10-31 16:01:47 ----HDC---- C:\WINDOWS\$NtUninstallQ329112$
2008-10-31 16:01:38 ----D---- C:\Program Files\Common Files\Services
2008-10-31 15:39:03 ----D---- C:\WINDOWS\system32\mui
2008-10-31 15:34:28 ----RD---- C:\WINDOWS\Web
2008-10-31 15:34:12 ----RASH---- C:\NTDETECT.COM
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 12:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-08-23 57216]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys [2008-09-12 13360]
R1 sbtis;sbtis; C:\WINDOWS\system32\drivers\sbtis.sys [2008-10-09 202928]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys [2008-09-12 69168]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-07-01 756444]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
R3 ltmodem5;Lucent Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
S3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
S3 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-10 152984]
R2 SBAMSvc;VIPRE Antivirus + Antispyware; C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe [2008-10-28 886056]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-05-03 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S4 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-09-01 303104]

-----------------EOF-----------------

noahdfear · 2008/12/13

Hi dopey,

I would have been interested in seeing what that 12schemas folder contained

First, please use Add/Remove programs to uninstall all versions of Java.
Reboot when done.
Now run another scan with RSIT.
Near the bottom of the log, see if there is still an entry for JavaQuickStarterService as shown below.

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-10 152984]
Click to expand...

If present, copy the following command.

sc stop JavaQuickStarterService

Click Start>Run and paste the command then hit Enter. Now, repeat with this next command.

sc delete JavaQuickStarterService

Please download JavaRa and save the file to your desktop.

Right click and Extract All

Once extracted, open and run JavaRa.exe

Click Remove Older Versions in the JavaRa interface and allow it to proceed

When that is complete, click Additional Tasks, then select Remove Useless JRE Files and click Go

Exit the tool when complete.

Now, go here and install the latest version of Java.

Restart once more and see if Java is working again.

What exactly happens when trying to access Windows Update?

DugE · 2008/12/13

Hi Noahdfear.

Didn't realize you examined files until I was reading some of the other posts here. I've kinda been the type that if I don't know what it is I just delete that sucker. Oh well. it happens.

I uninstalled all java. No entry for JavaQuickStarterService in the new log. I run the JavaRa.exe anyway tho to be sure. Downloaded and installed Java 6.11. Rebooted and found java to be working properly again. Thank you.

Tried Windows Update again. Worked this time. No problems. Before the site wouldn't allow me access. Forgot the wording used. Was frustrated at the time and I didn't go back after I had cooled off.

I do have a minor issue left. The clock won't keep time no matter what I do. It'll last until I reboot, then it reverts to a 4 hour or so change. This was another issue that happened with the other just forgot to mention it at the time.

Also, if there are any more detections noted in the RSIT log I would appreciate knowing so I could clear em up.

What happened with java? Version 6.11 was the only version installed that I uninstalled with the Add/Remove feature. Uninstalled all others several months back.

Thanks again for everything.

-------------------------------------------------------------------------

Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-12-12 17:21:57
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 59 GB (85%) free of 69 GB
Total RAM: 247 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:22:13 PM, on 12/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://pbells.broadjump.com/wizlet/iw60/launch.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ISW.exe] "C:\Program Files\AT&T\Internet Security Wizard\ISW.exe" /AUTORUN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1228958232656
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4000 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv "=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HotKeysCmds "=C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
"Recguard "=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
"NvCplDaemon "=C:\WINDOWS\System32\NvCpl.dll [2003-05-03 4640768]
"AlcxMonitor "=ALCXMNTR.EXE []
"PS2 "=C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
"ISW.exe "=C:\Program Files\AT&T\Internet Security Wizard\ISW.exe [2007-05-03 2061816]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"ZoneAlarm Client "=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
"avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIEW "=C:\WINDOWS\System32\nview.dll [2003-05-03 835654]
"ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\System32\igfxsrvc.dll [2003-04-07 315392]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=323
"NoDrives "=0
"NoDriveAutoRun "=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives "=
"NoDriveAutoRun "=
"NoDriveTypeAutoRun "=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe "= "C:\WINDOWS\system32\sessmgr.exe:*isabledxpsp2res.dll,-22019 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe "= "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*isabledxpsp3res.dll,-20000 "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

======List of files/folders created in the last 3 months======

2008-12-12 17:21:57 ----D---- C:\rsit
2008-12-12 10:29:51 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-12 10:06:52 ----D---- C:\Program Files\Avira
2008-12-12 09:56:34 ----D---- C:\Program Files\Lavasoft
2008-12-12 09:55:33 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-11 20:17:17 ----D---- C:\WINDOWS\.jagex_cache_32
2008-12-10 20:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-10 20:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-10 20:52:06 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-10 20:51:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-10 20:51:37 ----D---- C:\Program Files\MSXML 4.0
2008-12-10 20:19:14 ----A---- C:\WINDOWS\NIRCMD.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\zip.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\VFIND.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\SWSC.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\SWREG.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\sed.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\grep.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\fdsv.exe
2008-12-10 20:19:03 ----D---- C:\WINDOWS\ERDNT
2008-12-10 20:15:25 ----SHD---- C:\RECYCLER
2008-12-06 15:00:12 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-11-21 17:27:08 ----D---- C:\Program Files\Common Files\Adobe
2008-11-21 17:27:08 ----D---- C:\Program Files\Adobe
2008-11-21 16:58:58 ----D---- C:\Program Files\Secunia
2008-11-21 16:45:29 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-17 17:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-17 17:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-17 17:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-17 17:33:10 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-14 22:24:21 ----D---- C:\Program Files\CCleaner
2008-11-01 13:05:53 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-11-01 13:05:35 ----D---- C:\Program Files\Mozilla Firefox
2008-11-01 13:03:57 ----D---- C:\Program Files\RegSeeker
2008-11-01 12:57:29 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-01 12:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-01 12:53:35 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-01 12:53:19 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2008-11-01 12:53:17 ----D---- C:\Program Files\SpywareBlaster
2008-11-01 12:45:30 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-01 12:40:30 ----D---- C:\Program Files\Trend Micro
2008-11-01 12:38:23 ----D---- C:\WINDOWS\system32\unknown
2008-11-01 12:16:57 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2008-11-01 10:42:59 ----D---- C:\Tools
2008-11-01 10:42:47 ----D---- C:\UnZipped
2008-11-01 10:42:37 ----D---- C:\Downloads
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-11-01 10:35:54 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-11-01 10:35:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-01 10:35:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-11-01 10:35:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-11-01 10:35:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-01 10:35:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-11-01 10:35:51 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-01 10:35:50 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-11-01 10:35:50 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-01 10:35:49 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-11-01 10:35:49 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-11-01 10:35:48 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-11-01 10:35:47 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-01 10:35:45 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-11-01 10:35:44 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-11-01 10:35:44 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-11-01 10:35:43 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-11-01 10:35:42 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-11-01 10:35:40 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-11-01 10:35:40 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-11-01 10:35:39 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-11-01 10:35:39 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-11-01 10:35:38 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-11-01 10:35:38 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-11-01 10:35:37 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-11-01 10:35:27 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-11-01 10:35:27 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-11-01 10:35:17 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-11-01 10:35:16 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-11-01 10:35:15 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-11-01 10:35:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-11-01 10:35:13 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-11-01 10:35:13 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-11-01 10:35:12 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-11-01 10:35:12 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-11-01 10:35:11 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-11-01 10:35:11 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-11-01 10:35:10 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-11-01 10:35:10 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-11-01 10:35:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-11-01 10:35:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-11-01 10:35:08 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-11-01 10:35:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-11-01 10:35:07 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-11-01 10:35:06 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-11-01 10:35:04 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-11-01 10:27:48 ----HD---- C:\WINDOWS\msdownld.tmp
2008-11-01 10:27:26 ----D---- C:\WINDOWS\Logs
2008-11-01 10:20:30 ----D---- C:\WINDOWS\Sun
2008-11-01 10:19:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-01 10:16:30 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2008-11-01 09:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-01 09:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-01 09:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-01 09:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-01 09:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-01 09:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-01 08:59:00 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-01 08:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-01 08:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-01 08:58:35 ----D---- C:\WINDOWS\ie7updates
2008-11-01 08:47:23 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-01 08:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-01 08:41:07 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-01 08:41:07 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-01 08:41:06 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-01 08:41:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-10-31 20:50:35 ----D---- C:\WINDOWS\WBEM
2008-10-31 20:49:05 ----HDC---- C:\WINDOWS\ie7
2008-10-31 20:48:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-10-31 20:48:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-10-31 20:10:16 ----A---- C:\WINDOWS\zllsputility.exe
2008-10-31 20:10:15 ----A---- C:\WINDOWS\system32\SpOrder.dll
2008-10-31 20:09:37 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-10-31 20:09:37 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-10-31 20:09:35 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-10-31 20:09:35 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-10-31 20:09:30 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-10-31 20:09:29 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-10-31 20:09:29 ----D---- C:\Program Files\Zone Labs
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-10-31 19:52:07 ----A---- C:\WINDOWS\system32\MCCDevice.dll
2008-10-31 19:52:07 ----A---- C:\WINDOWS\system32\MCC16.dll
2008-10-31 19:52:03 ----D---- C:\Program Files\Common Files\Motive
2008-10-31 19:26:34 ----D---- C:\WINDOWS\system32\NtmsData
2008-10-31 19:24:59 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2008-10-31 19:24:59 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\wmdmps.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\mswmdm.dll
2008-10-31 19:19:39 ----D---- C:\WINDOWS\pss
2008-10-31 19:17:24 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-10-31 19:14:10 ----D---- C:\Documents and Settings\Owner\Application Data\AT&T
2008-10-31 19:14:05 ----D---- C:\Program Files\AT&T
2008-10-31 19:14:05 ----D---- C:\Documents and Settings\All Users\Application Data\AT&T
2008-10-31 19:11:04 ----D---- C:\WINDOWS\Motive
2008-10-31 19:10:50 ----D---- C:\Program Files\BellSouth Application Management
2008-10-31 19:10:45 ----D---- C:\Program Files\BellSouth
2008-10-31 18:43:52 ----D---- C:\WINDOWS\Internet Logs
2008-10-31 18:37:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-10-31 17:04:41 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-31 17:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-31 17:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-10-31 17:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-31 17:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-31 17:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-10-31 17:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-31 17:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-31 17:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-31 17:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-31 16:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-10-31 16:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-31 16:58:17 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-31 16:25:08 ----D---- C:\WINDOWS\Prefetch
2008-10-31 16:23:58 ----RSHD---- C:\cmdcons
2008-10-31 16:23:08 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\rpcss.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\ole32.dll
2008-10-31 16:18:34 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-31 16:18:34 ----A---- C:\WINDOWS\system32\msxml6.dll
2008-10-31 16:18:17 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-10-31 16:18:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-31 16:18:16 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-10-31 16:18:07 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-10-31 16:18:07 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-10-31 16:18:07 ----D---- C:\WINDOWS\system32\en-us
2008-10-31 16:18:06 ----D---- C:\WINDOWS\system32\scripting
2008-10-31 16:18:04 ----D---- C:\WINDOWS\system32\en
2008-10-31 16:18:04 ----D---- C:\WINDOWS\system32\bits
2008-10-31 16:14:24 ----A---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2008-10-31 16:13:27 ----D---- C:\WINDOWS\network diagnostic
2008-10-31 15:49:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-31 15:45:33 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-31 15:40:02 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-10-31 15:39:05 ----N---- C:\WINDOWS\system32\logman.exe
2008-10-31 15:39:04 ----N---- C:\WINDOWS\system32\proxycfg.exe
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\auditusr.exe
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\btpanui.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bthserv.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bthci.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\blastcln.exe
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\ieencode.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\httpapi.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fwcfg.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fsquirt.exe
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fltmc.exe
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fltlib.dll
2008-10-31 15:38:50 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdno1.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinben.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\kbdukx.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2008-10-31 15:38:46 ----N---- C:\WINDOWS\system32\msdadiag.dll
2008-10-31 15:38:43 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\powercfg.exe
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2psvc.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2p.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\winshfhc.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\w3ssl.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\twext.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\strmfilt.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\smbinst.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2008-10-31 15:38:38 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2008-10-31 15:38:38 ----N---- C:\WINDOWS\system32\wshbth.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xpob2res.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xmlprov.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\slrundll.exe
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-31 15:38:34 ----D---- C:\WINDOWS\peernet
2008-10-31 15:38:33 ----D---- C:\WINDOWS\provisioning
2008-10-31 15:36:37 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-31 15:34:27 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2008-10-31 15:32:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-10-31 15:30:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-31 15:30:29 ----D---- C:\WINDOWS\EHome
2008-10-30 23:12:26 ----RASH---- C:\BOOT.BAK
2008-10-30 23:12:16 ----A---- C:\WINDOWS\UPGRADE.TXT
2008-10-30 23:12:12 ----D---- C:\WINDOWS\setup.pss
2008-10-30 23:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB824146$
2008-10-30 23:06:51 ----HDC---- C:\WINDOWS\$NtUninstallQ331958$
2008-10-30 23:06:41 ----HDC---- C:\WINDOWS\$NtUninstallQ329909$
2008-10-30 23:06:32 ----HDC---- C:\WINDOWS\$NtUninstallq329256$
2008-10-30 23:06:23 ----HDC---- C:\WINDOWS\$NtUninstallQ327979$
2008-10-30 23:06:12 ----HDC---- C:\WINDOWS\$NtUninstallQ811789$
2008-10-30 23:02:44 ----SHD---- C:\System Volume Information
2008-10-30 22:51:42 ----D---- C:\I386
2008-10-30 22:41:30 ----RD---- C:\Program Files
2008-10-30 22:41:15 ----RSD---- C:\WINDOWS\assembly
2008-10-30 22:41:04 ----RD---- C:\WINDOWS\Offline Web Pages
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll

======List of files/folders modified in the last 3 months======

2008-12-12 17:54:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-12 17:53:03 ----SHD---- C:\WINDOWS\Installer
2008-12-12 17:52:34 ----D---- C:\WINDOWS\system32
2008-12-12 17:29:59 ----D---- C:\WINDOWS\Debug
2008-12-12 17:16:43 ----D---- C:\WINDOWS\Temp
2008-12-12 17:16:38 ----D---- C:\WINDOWS
2008-12-12 10:29:52 ----D---- C:\WINDOWS\WinSxS
2008-12-12 10:29:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-12 10:03:39 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2008-12-12 10:03:38 ----D---- C:\WINDOWS\system32\drivers
2008-12-12 10:02:54 ----D---- C:\WINDOWS\system32\Macromed
2008-12-12 09:55:33 ----D---- C:\Program Files\Common Files
2008-12-10 20:55:49 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-10 20:53:22 ----D---- C:\Program Files\Internet Explorer
2008-12-10 20:53:15 ----HD---- C:\WINDOWS\inf
2008-12-10 20:21:37 ----A---- C:\WINDOWS\system.ini
2008-12-10 20:20:58 ----D---- C:\WINDOWS\AppPatch
2008-12-10 20:17:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-06 20:45:58 ----D---- C:\WINDOWS\PCHealth
2008-12-06 20:01:59 ----SD---- C:\WINDOWS\Tasks
2008-11-22 13:12:52 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-22 10:40:23 ----RASH---- C:\boot.ini
2008-11-22 10:40:22 ----A---- C:\WINDOWS\win.ini
2008-11-17 17:33:17 ----D---- C:\WINDOWS\Help
2008-11-07 16:45:32 ----A---- C:\WINDOWS\system32\WMVCore.dll
2008-11-04 14:57:24 ----D---- C:\Documents and Settings\Owner\Application Data\Sonic
2008-11-02 09:06:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-01 11:47:36 ----D---- C:\Program Files\Messenger
2008-11-01 10:35:59 ----D---- C:\WINDOWS\system32\DirectX
2008-10-31 20:50:43 ----D---- C:\WINDOWS\system32\config
2008-10-31 20:50:26 ----D---- C:\WINDOWS\Media
2008-10-31 19:46:46 ----D---- C:\Program Files\Common Files\Real
2008-10-31 19:26:52 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-31 19:26:31 ----D---- C:\Program Files\Hewlett-Packard
2008-10-31 19:25:05 ----D---- C:\Program Files\Windows Media Player
2008-10-31 19:24:23 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-31 19:16:23 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-31 17:16:35 ----D---- C:\WINDOWS\system32\URTTemp
2008-10-31 17:16:22 ----D---- C:\WINDOWS\Registration
2008-10-31 17:13:00 ----HD---- C:\hp
2008-10-31 17:00:48 ----D---- C:\Program Files\HP
2008-10-31 16:24:38 ----D---- C:\WINDOWS\system32\Setup
2008-10-31 16:24:37 ----D---- C:\WINDOWS\system32\wbem
2008-10-31 16:24:36 ----RSD---- C:\WINDOWS\Fonts
2008-10-31 16:24:05 ----D---- C:\WINDOWS\security
2008-10-31 16:22:56 ----D---- C:\WINDOWS\system32\FxsTmp
2008-10-31 16:18:19 ----D---- C:\WINDOWS\ime
2008-10-31 16:18:07 ----D---- C:\WINDOWS\system32\usmt
2008-10-31 16:18:03 ----D---- C:\Program Files\Movie Maker
2008-10-31 16:15:22 ----D---- C:\WINDOWS\system32\Restore
2008-10-31 16:15:22 ----D---- C:\WINDOWS\system32\npp
2008-10-31 16:15:20 ----D---- C:\WINDOWS\msagent
2008-10-31 16:15:19 ----D---- C:\WINDOWS\srchasst
2008-10-31 16:15:19 ----D---- C:\Program Files\NetMeeting
2008-10-31 16:15:18 ----D---- C:\WINDOWS\system32\Com
2008-10-31 16:15:15 ----D---- C:\Program Files\Windows NT
2008-10-31 16:15:15 ----D---- C:\Program Files\Outlook Express
2008-10-31 16:15:11 ----D---- C:\Program Files\Common Files\System
2008-10-31 16:14:55 ----D---- C:\WINDOWS\system32\oobe
2008-10-31 16:14:53 ----D---- C:\WINDOWS\system
2008-10-31 16:11:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-31 16:09:50 ----D---- C:\WINDOWS\MSBN
2008-10-31 16:03:12 ----D---- C:\WINDOWS\system32\ras
2008-10-31 16:02:57 ----D---- C:\WINDOWS\system32\icsxml
2008-10-31 16:02:57 ----D---- C:\WINDOWS\system32\ias
2008-10-31 16:02:00 ----D---- C:\WINDOWS\addins
2008-10-31 16:01:49 ----D---- C:\WINDOWS\Cursors
2008-10-31 16:01:47 ----HDC---- C:\WINDOWS\$NtUninstallQ329112$
2008-10-31 16:01:38 ----D---- C:\Program Files\Common Files\Services
2008-10-31 15:39:03 ----D---- C:\WINDOWS\system32\mui
2008-10-31 15:34:28 ----RD---- C:\WINDOWS\Web
2008-10-31 15:34:12 ----RASH---- C:\NTDETECT.COM
2008-10-23 07:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-17 02:08:40 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-10-16 15:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\url.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\occache.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\mstime.dll
2008-10-16 15:38:38 ----A---- C:\WINDOWS\system32\msrating.dll
2008-10-16 15:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 08:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-10-16 08:11:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 02:04:53 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-10-03 05:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-08-23 57216]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-12 75072]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-07-01 756444]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
R3 ltmodem5;Lucent Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
S3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
S3 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-12-12 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-05-03 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S4 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-09-01 303104]

-----------------EOF-----------------

noahdfear · 2008/12/13

Your log looks fine.

I'm guessing Java was somehow corrupted.

Click Start>Run and type timedate.cpl then hit Enter.
Select the Timezone tab and verify the setting is correct for your location.
You might even try setting it wrong, click Apply, set it right, click Apply.
OK out when done.
Let me know if that behavior persists.

Happy to hear Windows Update is resolving properly again.

DugE · 2008/12/13

Behavior still persists. Used the timedate.cpl and rebooted. Got to the saving your settings screen and comp just froze. Waited a couple of minutes then tried to shut down via switch on comp. No go. Had to unplug comp. Restarted and mouse wouldn't work. Had to restart sucessfully a couple of times before it worked. Clock reads 1.40pm should read 2.45pm. Checked cable behind comp. all ok. Must be Freaky Saturday.

noahdfear · 2008/12/13

Is the Daylight Savings Time option checked?

DugE · 2008/12/13

Yeah, its checked.

noahdfear · 2008/12/13

Try unchecking it, reset the clock and reboot.

DugE · 2008/12/13

Seems to be ok for now. It didn't lose its setting during the reboot at least. Wonder why removing the check made the difference. Never messed with it before. Oh well, it works. Thanks for your help Noahdfear.

noahdfear · 2008/12/13

Mine hasn't been right since they messed with timechange a while back.

Glad I could help.

DugE · 2008/12/14

Java not working, clock wont keep time

Didn't know if I should make this new post or add to other post which is only about 6-7 post down.

Same symptoms. This time no reboot required. Was watching tv on hulu. When the show finished I closed firefox. Glanced at the clock, saw it was off. Tried java, saw it out of wack again. Error message from Runescape:

"You are seeing this page because we could not start RuneScape on your computer in 'signed' mode. This means that you did not (or were not able to) grant permission to RuneScape to run as it normally does. To avoid seeing this page again, please ensure that you accept the pop-up security warning that appears a few seconds after loading the game. If this pop-up does not appear, try rebooting your machine and make sure you click 'Yes' when asked if you want to trust the RuneScape applet. "

The popup did not appear so I rebooted. Never asked if I wanted to trust the applet just got the above warning.

========================================================

info.txt logfile of random's system information tool 1.04 2008-12-13 15:57:29

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
AT&T Internet Security Wizard 1.5.11--> "C:\Program Files\AT&T\Internet Security Wizard\unins000.exe "
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BellSouth Application Management-->C:\WINDOWS\Motive\BellSouth\UninstallAppManagement.exe
CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
FreeZip-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\freezip.inf,Uninstall
HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Works 7.0-->MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Gart Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA Gart Driver
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PS2-->C:\WINDOWS\system32\ps2.exe uninstall
RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
S3Display-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay-->s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Secunia PSI (RC4)--> "C:\Program Files\Secunia\PSI (RC4)\uninstall.exe "
Security Update for Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB958215)--> "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe "
Security Update for Windows Media Player (KB952069)--> "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954600)--> "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe "
Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956802)--> "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
SpywareBlaster 4.1--> "C:\Program Files\SpywareBlaster\unins000.exe "
toolkit-->c:\Windows\HPTK\unhptkit.exe
Update for Windows XP (KB898461)--> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
Update for Windows XP (KB955839)--> "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe "
Updates from HP-->C:\WINDOWS\BWUnin-6.2.3.66.exe -AppId 137903
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

=====HijackThis Backups=====

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition
FW: ZoneAlarm Firewall (disabled)

======Environment variables======

"ComSpec "=%SystemRoot%\system32\cmd.exe
"windir "=%SystemRoot%
"OS "=Windows_NT
"PROCESSOR_ARCHITECTURE "=x86
"PROCESSOR_LEVEL "=15
"PROCESSOR_IDENTIFIER "=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION "=0209
"NUMBER_OF_PROCESSORS "=1
"PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP "=%SystemRoot%\TEMP
"TMP "=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK "=NO
"tvdumpflags "=8

-----------------EOF-----------------

-------------------------------------

Logfile of random's system information tool 1.04 (written by random/random)
Run by Owner at 2008-12-13 15:57:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 59 GB (85%) free of 69 GB
Total RAM: 247 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:57:26 PM, on 12/13/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\ps2.exe
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://pbells.broadjump.com/wizlet/iw60/launch.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ISW.exe] "C:\Program Files\AT&T\Internet Security Wizard\ISW.exe" /AUTORUN
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe "
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1228958232656
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4539 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-12 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv "=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"HotKeysCmds "=C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
"Recguard "=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]
"NvCplDaemon "=C:\WINDOWS\System32\NvCpl.dll [2003-05-03 4640768]
"AlcxMonitor "=ALCXMNTR.EXE []
"PS2 "=C:\WINDOWS\system32\ps2.exe [2002-10-16 81920]
"ISW.exe "=C:\Program Files\AT&T\Internet Security Wizard\ISW.exe [2007-05-03 2061816]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"ZoneAlarm Client "=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
"avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIEW "=C:\WINDOWS\System32\nview.dll [2003-05-03 835654]
"ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet /keeploaded /nodetect []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\System32\igfxsrvc.dll [2003-04-07 315392]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=323
"NoDrives "=0
"NoDriveAutoRun "=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives "=
"NoDriveAutoRun "=
"NoDriveTypeAutoRun "=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe "= "C:\WINDOWS\system32\sessmgr.exe:*isabledxpsp2res.dll,-22019 "
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe "= "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*isabledxpsp3res.dll,-20000 "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

======List of files/folders created in the last 3 months======

2008-12-13 15:57:08 ----D---- C:\rsit
2008-12-13 12:44:50 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-12 17:36:28 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-12 17:36:28 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-12 17:36:28 ----A---- C:\WINDOWS\system32\java.exe
2008-12-12 17:36:00 ----D---- C:\Program Files\Java
2008-12-12 10:29:51 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-12 10:06:52 ----D---- C:\Program Files\Avira
2008-12-12 09:56:34 ----D---- C:\Program Files\Lavasoft
2008-12-12 09:55:33 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-11 20:17:17 ----D---- C:\WINDOWS\.jagex_cache_32
2008-12-10 20:53:10 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-10 20:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-10 20:52:06 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-10 20:51:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-10 20:51:37 ----D---- C:\Program Files\MSXML 4.0
2008-12-10 20:19:14 ----A---- C:\WINDOWS\NIRCMD.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\zip.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\VFIND.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\SWSC.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\SWREG.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\sed.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\grep.exe
2008-12-10 20:19:13 ----A---- C:\WINDOWS\fdsv.exe
2008-12-10 20:19:03 ----D---- C:\WINDOWS\ERDNT
2008-12-10 20:15:25 ----SHD---- C:\RECYCLER
2008-12-06 15:00:12 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-11-21 17:27:08 ----D---- C:\Program Files\Common Files\Adobe
2008-11-21 17:27:08 ----D---- C:\Program Files\Adobe
2008-11-21 16:58:58 ----D---- C:\Program Files\Secunia
2008-11-21 16:45:29 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-17 17:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-17 17:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-17 17:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-17 17:33:10 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-14 22:24:21 ----D---- C:\Program Files\CCleaner
2008-11-01 13:05:53 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-11-01 13:05:35 ----D---- C:\Program Files\Mozilla Firefox
2008-11-01 13:03:57 ----D---- C:\Program Files\RegSeeker
2008-11-01 12:57:29 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-01 12:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-01 12:53:35 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-01 12:53:19 ----A---- C:\WINDOWS\system32\MSSTDFMT.DLL
2008-11-01 12:53:17 ----D---- C:\Program Files\SpywareBlaster
2008-11-01 12:45:30 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-01 12:40:30 ----D---- C:\Program Files\Trend Micro
2008-11-01 12:38:23 ----D---- C:\WINDOWS\system32\unknown
2008-11-01 12:16:57 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2008-11-01 10:42:59 ----D---- C:\Tools
2008-11-01 10:42:47 ----D---- C:\UnZipped
2008-11-01 10:42:37 ----D---- C:\Downloads
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-11-01 10:35:55 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-11-01 10:35:54 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-11-01 10:35:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-11-01 10:35:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-11-01 10:35:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-11-01 10:35:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-11-01 10:35:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-11-01 10:35:51 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-11-01 10:35:50 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-11-01 10:35:50 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-11-01 10:35:49 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-11-01 10:35:49 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-11-01 10:35:48 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-11-01 10:35:47 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-11-01 10:35:46 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-11-01 10:35:45 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-11-01 10:35:44 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-11-01 10:35:44 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-11-01 10:35:43 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-11-01 10:35:42 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-11-01 10:35:41 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-11-01 10:35:40 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-11-01 10:35:40 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-11-01 10:35:39 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-11-01 10:35:39 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-11-01 10:35:38 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-11-01 10:35:38 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-11-01 10:35:37 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-11-01 10:35:27 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-11-01 10:35:27 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-11-01 10:35:17 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-11-01 10:35:16 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-11-01 10:35:15 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-11-01 10:35:15 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-11-01 10:35:14 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-11-01 10:35:13 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-11-01 10:35:13 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-11-01 10:35:12 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-11-01 10:35:12 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-11-01 10:35:11 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-11-01 10:35:11 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-11-01 10:35:10 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-11-01 10:35:10 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-11-01 10:35:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-11-01 10:35:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-11-01 10:35:08 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-11-01 10:35:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-11-01 10:35:07 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-11-01 10:35:06 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-11-01 10:35:04 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-11-01 10:27:48 ----HD---- C:\WINDOWS\msdownld.tmp
2008-11-01 10:27:26 ----D---- C:\WINDOWS\Logs
2008-11-01 10:20:30 ----D---- C:\WINDOWS\Sun
2008-11-01 10:19:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-01 10:16:30 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2008-11-01 09:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-01 09:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-01 09:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-01 09:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-01 09:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-01 09:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-01 08:59:00 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-01 08:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-01 08:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-01 08:58:35 ----D---- C:\WINDOWS\ie7updates
2008-11-01 08:47:23 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-01 08:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-01 08:41:07 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-01 08:41:07 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-01 08:41:06 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-01 08:41:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-10-31 20:50:35 ----D---- C:\WINDOWS\WBEM
2008-10-31 20:49:05 ----HDC---- C:\WINDOWS\ie7
2008-10-31 20:48:48 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-10-31 20:48:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-10-31 20:10:16 ----A---- C:\WINDOWS\zllsputility.exe
2008-10-31 20:10:15 ----A---- C:\WINDOWS\system32\SpOrder.dll
2008-10-31 20:09:37 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-10-31 20:09:37 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-10-31 20:09:35 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-10-31 20:09:35 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-10-31 20:09:30 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-10-31 20:09:29 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-10-31 20:09:29 ----D---- C:\Program Files\Zone Labs
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-10-31 20:09:29 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-10-31 20:08:36 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-10-31 19:52:07 ----A---- C:\WINDOWS\system32\MCCDevice.dll
2008-10-31 19:52:07 ----A---- C:\WINDOWS\system32\MCC16.dll
2008-10-31 19:52:03 ----D---- C:\Program Files\Common Files\Motive
2008-10-31 19:26:34 ----D---- C:\WINDOWS\system32\NtmsData
2008-10-31 19:24:59 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2008-10-31 19:24:59 ----A---- C:\WINDOWS\system32\CEWMDM.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\wmdmps.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2008-10-31 19:24:58 ----A---- C:\WINDOWS\system32\mswmdm.dll
2008-10-31 19:19:39 ----D---- C:\WINDOWS\pss
2008-10-31 19:17:24 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-10-31 19:14:10 ----D---- C:\Documents and Settings\Owner\Application Data\AT&T
2008-10-31 19:14:05 ----D---- C:\Program Files\AT&T
2008-10-31 19:14:05 ----D---- C:\Documents and Settings\All Users\Application Data\AT&T
2008-10-31 19:11:04 ----D---- C:\WINDOWS\Motive
2008-10-31 19:10:50 ----D---- C:\Program Files\BellSouth Application Management
2008-10-31 19:10:45 ----D---- C:\Program Files\BellSouth
2008-10-31 18:43:52 ----D---- C:\WINDOWS\Internet Logs
2008-10-31 18:37:57 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-10-31 17:04:41 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-31 17:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-31 17:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-10-31 17:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-31 17:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-31 17:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-10-31 17:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-31 17:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-31 17:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-31 17:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-31 16:59:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-10-31 16:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-31 16:58:17 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-31 16:25:08 ----D---- C:\WINDOWS\Prefetch
2008-10-31 16:23:58 ----RSHD---- C:\cmdcons
2008-10-31 16:23:08 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\rpcss.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-10-31 16:20:47 ----A---- C:\WINDOWS\system32\ole32.dll
2008-10-31 16:18:34 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-31 16:18:34 ----A---- C:\WINDOWS\system32\msxml6.dll
2008-10-31 16:18:17 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-10-31 16:18:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-31 16:18:16 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-31 16:18:15 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-31 16:18:13 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-31 16:18:12 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-31 16:18:11 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-31 16:18:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-10-31 16:18:09 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-10-31 16:18:07 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-10-31 16:18:07 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-10-31 16:18:07 ----D---- C:\WINDOWS\system32\en-us
2008-10-31 16:18:06 ----D---- C:\WINDOWS\system32\scripting
2008-10-31 16:18:04 ----D---- C:\WINDOWS\system32\en
2008-10-31 16:18:04 ----D---- C:\WINDOWS\system32\bits
2008-10-31 16:14:24 ----A---- C:\WINDOWS\ModemLog_Lucent Win Modem.txt
2008-10-31 16:13:27 ----D---- C:\WINDOWS\network diagnostic
2008-10-31 15:49:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-31 15:45:33 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-31 15:40:02 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-10-31 15:39:05 ----N---- C:\WINDOWS\system32\logman.exe
2008-10-31 15:39:04 ----N---- C:\WINDOWS\system32\proxycfg.exe
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\auditusr.exe
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-31 15:38:52 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\btpanui.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bthserv.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bthci.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\blastcln.exe
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-10-31 15:38:51 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\ieencode.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\httpapi.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fwcfg.dll
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fsquirt.exe
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fltmc.exe
2008-10-31 15:38:50 ----N---- C:\WINDOWS\system32\fltlib.dll
2008-10-31 15:38:50 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdno1.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinben.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2008-10-31 15:38:48 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\kbdukx.dll
2008-10-31 15:38:47 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2008-10-31 15:38:46 ----N---- C:\WINDOWS\system32\msdadiag.dll
2008-10-31 15:38:43 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\powercfg.exe
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2psvc.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2008-10-31 15:38:41 ----N---- C:\WINDOWS\system32\p2p.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\winshfhc.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\w3ssl.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\twext.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\strmfilt.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\smbinst.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-31 15:38:40 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2008-10-31 15:38:38 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2008-10-31 15:38:38 ----N---- C:\WINDOWS\system32\wshbth.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-10-31 15:38:38 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xpob2res.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\xmlprov.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2008-10-31 15:38:37 ----N---- C:\WINDOWS\slrundll.exe
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-31 15:38:37 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-31 15:38:34 ----D---- C:\WINDOWS\peernet
2008-10-31 15:38:33 ----D---- C:\WINDOWS\provisioning
2008-10-31 15:36:37 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-31 15:34:27 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2008-10-31 15:32:59 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-10-31 15:30:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-31 15:30:29 ----D---- C:\WINDOWS\EHome
2008-10-30 23:12:26 ----RASH---- C:\BOOT.BAK
2008-10-30 23:12:16 ----A---- C:\WINDOWS\UPGRADE.TXT
2008-10-30 23:12:12 ----D---- C:\WINDOWS\setup.pss
2008-10-30 23:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB824146$
2008-10-30 23:06:51 ----HDC---- C:\WINDOWS\$NtUninstallQ331958$
2008-10-30 23:06:41 ----HDC---- C:\WINDOWS\$NtUninstallQ329909$
2008-10-30 23:06:32 ----HDC---- C:\WINDOWS\$NtUninstallq329256$
2008-10-30 23:06:23 ----HDC---- C:\WINDOWS\$NtUninstallQ327979$
2008-10-30 23:06:12 ----HDC---- C:\WINDOWS\$NtUninstallQ811789$
2008-10-30 23:02:44 ----SHD---- C:\System Volume Information
2008-10-30 22:51:42 ----D---- C:\I386
2008-10-30 22:41:30 ----RD---- C:\Program Files
2008-10-30 22:41:15 ----RSD---- C:\WINDOWS\assembly
2008-10-30 22:41:04 ----RD---- C:\WINDOWS\Offline Web Pages
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll

======List of files/folders modified in the last 3 months======

2008-12-13 16:29:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-13 16:10:56 ----D---- C:\WINDOWS
2008-12-13 15:49:43 ----D---- C:\WINDOWS\Temp
2008-12-12 17:37:00 ----SHD---- C:\WINDOWS\Installer
2008-12-12 17:36:28 ----D---- C:\WINDOWS\system32
2008-12-12 17:29:59 ----D---- C:\WINDOWS\Debug
2008-12-12 10:29:52 ----D---- C:\WINDOWS\WinSxS
2008-12-12 10:29:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-12 10:03:39 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2008-12-12 10:03:38 ----D---- C:\WINDOWS\system32\drivers
2008-12-12 10:02:54 ----D---- C:\WINDOWS\system32\Macromed
2008-12-12 09:55:33 ----D---- C:\Program Files\Common Files
2008-12-10 20:55:49 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-10 20:53:22 ----D---- C:\Program Files\Internet Explorer
2008-12-10 20:53:15 ----HD---- C:\WINDOWS\inf
2008-12-10 20:21:37 ----A---- C:\WINDOWS\system.ini
2008-12-10 20:20:58 ----D---- C:\WINDOWS\AppPatch
2008-12-10 20:17:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-06 20:45:58 ----D---- C:\WINDOWS\PCHealth
2008-12-06 20:01:59 ----SD---- C:\WINDOWS\Tasks
2008-11-22 13:12:52 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-22 10:40:23 ----RASH---- C:\boot.ini
2008-11-22 10:40:22 ----A---- C:\WINDOWS\win.ini
2008-11-17 17:33:17 ----D---- C:\WINDOWS\Help
2008-11-07 16:45:32 ----A---- C:\WINDOWS\system32\WMVCore.dll
2008-11-04 14:57:24 ----D---- C:\Documents and Settings\Owner\Application Data\Sonic
2008-11-02 09:06:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-01 11:47:36 ----D---- C:\Program Files\Messenger
2008-11-01 10:35:59 ----D---- C:\WINDOWS\system32\DirectX
2008-10-31 20:50:43 ----D---- C:\WINDOWS\system32\config
2008-10-31 20:50:26 ----D---- C:\WINDOWS\Media
2008-10-31 19:46:46 ----D---- C:\Program Files\Common Files\Real
2008-10-31 19:26:52 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-31 19:26:31 ----D---- C:\Program Files\Hewlett-Packard
2008-10-31 19:25:05 ----D---- C:\Program Files\Windows Media Player
2008-10-31 19:24:23 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-31 19:16:23 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-31 17:16:35 ----D---- C:\WINDOWS\system32\URTTemp
2008-10-31 17:16:22 ----D---- C:\WINDOWS\Registration
2008-10-31 17:13:00 ----HD---- C:\hp
2008-10-31 17:00:48 ----D---- C:\Program Files\HP
2008-10-31 16:24:38 ----D---- C:\WINDOWS\system32\Setup
2008-10-31 16:24:37 ----D---- C:\WINDOWS\system32\wbem
2008-10-31 16:24:36 ----RSD---- C:\WINDOWS\Fonts
2008-10-31 16:24:05 ----D---- C:\WINDOWS\security
2008-10-31 16:22:56 ----D---- C:\WINDOWS\system32\FxsTmp
2008-10-31 16:18:19 ----D---- C:\WINDOWS\ime
2008-10-31 16:18:07 ----D---- C:\WINDOWS\system32\usmt
2008-10-31 16:18:03 ----D---- C:\Program Files\Movie Maker
2008-10-31 16:15:22 ----D---- C:\WINDOWS\system32\Restore
2008-10-31 16:15:22 ----D---- C:\WINDOWS\system32\npp
2008-10-31 16:15:20 ----D---- C:\WINDOWS\msagent
2008-10-31 16:15:19 ----D---- C:\WINDOWS\srchasst
2008-10-31 16:15:19 ----D---- C:\Program Files\NetMeeting
2008-10-31 16:15:18 ----D---- C:\WINDOWS\system32\Com
2008-10-31 16:15:15 ----D---- C:\Program Files\Windows NT
2008-10-31 16:15:15 ----D---- C:\Program Files\Outlook Express
2008-10-31 16:15:11 ----D---- C:\Program Files\Common Files\System
2008-10-31 16:14:55 ----D---- C:\WINDOWS\system32\oobe
2008-10-31 16:14:53 ----D---- C:\WINDOWS\system
2008-10-31 16:11:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-31 16:09:50 ----D---- C:\WINDOWS\MSBN
2008-10-31 16:03:12 ----D---- C:\WINDOWS\system32\ras
2008-10-31 16:02:57 ----D---- C:\WINDOWS\system32\icsxml
2008-10-31 16:02:57 ----D---- C:\WINDOWS\system32\ias
2008-10-31 16:02:00 ----D---- C:\WINDOWS\addins
2008-10-31 16:01:49 ----D---- C:\WINDOWS\Cursors
2008-10-31 16:01:47 ----HDC---- C:\WINDOWS\$NtUninstallQ329112$
2008-10-31 16:01:38 ----D---- C:\Program Files\Common Files\Services
2008-10-31 15:39:03 ----D---- C:\WINDOWS\system32\mui
2008-10-31 15:34:28 ----RD---- C:\WINDOWS\Web
2008-10-31 15:34:12 ----RASH---- C:\NTDETECT.COM
2008-10-23 07:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-17 02:08:40 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-10-16 15:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\url.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\occache.dll
2008-10-16 15:38:39 ----A---- C:\WINDOWS\system32\mstime.dll
2008-10-16 15:38:38 ----A---- C:\WINDOWS\system32\msrating.dll
2008-10-16 15:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-10-16 15:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-10-16 15:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-10-16 15:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 08:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-10-16 08:11:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 02:04:53 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-10-03 05:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2003-08-23 57216]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-12-12 75072]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-07-01 756444]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
R3 ltmodem5;Lucent Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2003-03-31 625537]
R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2001-06-04 14112]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
S3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
S3 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-12-12 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-12 152984]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-05-03 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S4 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-09-01 303104]

-----------------EOF-----------------

noahdfear · 2008/12/14

Threads merged.

I see now that you ran ComboFix the other day. Please post it's log located at C:\combofix.txt

What are the contents of the C:\WINDOWS\system32\unknown folder?

How far off is your clock? Verify the settings we tweaked have not changed please. I'd recommend replacing the battery on the motherboard. They're cheap and it can't hurt.

Verify that your firewall is not interfering please. Disable it and try your game again.

DugE · 2008/12/14

ComboFix 08-12-14.01 - Owner 2008-12-14 12:46:15.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.247.125 [GMT -5:00]
Running from: c:\tools\Hard core tools\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-11-14 to 2008-12-14 )))))))))))))))))))))))))))))))
.

2008-12-14 12:32 . 2008-12-14 12:31 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-12-14 12:31 . 2008-12-14 12:31 <DIR> d-------- C:\rsit
2008-12-14 12:31 . 2008-12-14 12:31 <DIR> d-------- c:\program files\Java
2008-12-13 15:57 . 2008-12-13 15:57 <DIR> d-------- C:\rsit.old
2008-12-12 10:29 . 2008-12-12 09:41 <DIR> d-------- c:\windows\SxsCaPendDel
2008-12-12 10:06 . 2008-12-12 10:06 <DIR> d-------- c:\program files\Avira
2008-12-12 09:56 . 2008-12-12 09:56 <DIR> d-------- c:\program files\Lavasoft
2008-12-12 09:55 . 2008-12-12 09:55 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-11 20:17 . 2008-12-11 20:17 <DIR> d-------- c:\windows\.jagex_cache_32
2008-12-10 20:51 . 2008-12-10 20:51 <DIR> d-------- c:\program files\MSXML 4.0
2008-12-06 15:00 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
2008-11-26 12:19 . 2008-04-14 00:15 26,368 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2008-11-21 17:27 . 2008-11-21 17:27 <DIR> d-------- c:\program files\Common Files\Adobe
2008-11-21 16:58 . 2008-11-21 16:58 <DIR> d-------- c:\program files\Secunia
2008-11-17 17:38 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-17 17:37 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-17 17:33 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-11-14 22:24 . 2008-11-14 22:24 <DIR> d-------- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-14 17:39 31 ----a-w c:\documents and settings\Owner\jagex_runescape_preferences.dat
2008-12-14 17:31 410,976 ----a-w c:\windows\system32\deploytk.dll
2008-12-12 22:30 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-12 15:33 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-12 15:33 --------- d-----w c:\program files\SpywareBlaster
2008-12-12 15:06 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
2008-12-12 14:57 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-04 19:57 --------- d-----w c:\documents and settings\Owner\Application Data\Sonic
2008-11-01 18:03 --------- d-----w c:\program files\RegSeeker
2008-11-01 17:47 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-01 17:40 --------- d-----w c:\program files\Trend Micro
2008-11-01 01:09 --------- d-----w c:\program files\Zone Labs
2008-11-01 00:46 --------- d-----w c:\program files\Common Files\Real
2008-11-01 00:26 --------- d-----w c:\program files\Hewlett-Packard
2008-11-01 00:24 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-01 00:24 --------- d-----w c:\program files\Common Files\Motive
2008-11-01 00:16 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-01 00:14 --------- d-----w c:\program files\AT&T
2008-11-01 00:14 --------- d-----w c:\documents and settings\Owner\Application Data\AT&T
2008-11-01 00:14 --------- d-----w c:\documents and settings\All Users\Application Data\AT&T
2008-11-01 00:11 --------- d-----w c:\program files\BellSouth Application Management
2008-11-01 00:10 --------- d-----w c:\program files\BellSouth
2008-10-31 22:00 --------- d-----w c:\program files\HP
2008-10-31 21:22 3,558 --sha-r c:\windows\system32\drivers\HP_DM185A-ABA a335w_YUU_Pavi_QMXM344_E34NAheBLU2_4_IGlendale motherboard_STriGem Computer Inc._V_B3.24_T031014_WXH1_L409_M248_J80_7Intel_8Pentium 4_92.49_1_N10EC8139_P_Z11C1044C_K_A808624C5_U808624C2_G80862562.MRK
2008-10-27 08:04 7,808 ----a-w c:\windows\system32\drivers\psi_mf.sys
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:38 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:12 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"NVIEW "= "nview.dll" [2003-05-03 c:\windows\system32\nview.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv "= "c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds "= "c:\windows\System32\hkcmd.exe" [2003-04-07 114688]
"Recguard "= "c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"NvCplDaemon "= "c:\windows\System32\NvCpl.dll" [2003-05-03 4640768]
"PS2 "= "c:\windows\system32\ps2.exe" [2002-10-16 81920]
"ISW.exe "= "c:\program files\AT&T\Internet Security Wizard\ISW.exe" [2007-05-03 2061816]
"Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"ZoneAlarm Client "= "c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
"avgnt "= "c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched "= "c:\program files\Java\jre6\bin\jusched.exe" [2008-12-14 136600]
"AlcxMonitor "= "ALCXMNTR.EXE" [2003-04-03 c:\windows\ALCXMNTR.EXE]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2003-05-03 01:19 323584 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify "=dword:00000001
"UpdatesDisableNotify "=dword:00000001
"AntiVirusOverride "=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring "=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall "= 0 (0x0)
"DisableNotifications "= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe "=
"%windir%\\system32\\sessmgr.exe "=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe "=

S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys []

*Newly Created Service* - JAVAQUICKSTARTERSERVICE
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = https://pbells.broadjump.com/wizlet/iw60/launch.htm
uInternet Settings,ProxyOverride = localhost

O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\obnsslyn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\GoBit Games\BrowserPlugin\npgobitgamesplugin.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-14 12:48:16
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-12-14 12:49:38
ComboFix-quarantined-files.txt 2008-12-14 17:49:35

Pre-Run: 61,897,367,552 bytes free
Post-Run: 61,897,179,136 bytes free

139

========================================================

The contents of the unknown folder are an icon of freezip, 766 bytes, an unzip.exe, 156kb, dated 1/15/2001 and an zip.exe, 114kb, dated 11/4/1997. Dont know why its there.

The clock is off about an hour and a half right now. The settings are the way you suggested. No change.

I removed java and installed the 6.10 version. It's working fine so far. Just have to wait and see. I have another rsit scan if you want to see it.

noahdfear · 2008/12/14

Freezip is a legit archive handling app. You can do whatever you want with that folder.

Glad to hear the Java rollback appears to be an answer for you.

I do feel a mobo battery would be a good step in the clock diagnosis.

DugE · 2008/12/14

I thought I'd give the rollback a try at least. Cant be any worse. Like I mentioned before it works. But you had it working yesterday too. I'll just have to wait and see.

This comp is 7 years old now I think. You probably right about the battery.

Thanks again.

DugE · 2008/12/15

What is disabling java?

I thought it might be a firefox issue so I tried IE. No difference. Java still not correct.

I just ran a scan disk to check for errors. It came up clean. Don't know what else I can do.

noahdfear · 2008/12/15

Uninstall 10 and 11 then try installing Java 6 update 7 and see what happens.

DugE · 2008/12/16

I'll let you know what happens.

DugE · 2008/12/16

No go. At least with 10 and 11 it did start properly, just didn't remain. 6.7 didn't even start properly. I did notice that the java quick start wasn't automatically installed in firefox as it was in 10 and 11. Think this made the difference?

I went to C/Document and settings/dopey/application data/sun/java/deployment/cache and deleted everything in the folder. rebooted and tried again. no go. I beginning to think this is not a malware situation, if the logs I posted were clean as you mentioned earlier. Any suggestions? I'm grasping at straws here.

Using regseeker, I searched the registry for java and got 417 hits. Scrolling thru the list I saw they were pretty legit java files. I thought about deleting java, then run regseeker and deleting all these files, reboot, reinstall java. What do you think?

Contents of java console:

Java Plug-in 1.6.0_07
Using JRE version 1.6.0_07 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\Owner

----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
p: reload proxy configuration
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------

sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Must specify the location of an OCSP Responder
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin.security.PluginClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$000(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at sun.applet.AppletClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadCode(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertPathValidatorException: Must specify the location of an OCSP Responder
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
at java.security.cert.CertPathValidator.validate(Unknown Source)
... 25 more

I think I found the fix for my java problem. Not sure yet but let you know soon.

Windows Update acting up again. Giving me the error 0x80072EE2. I searched the error number and found a fix that worked. For now anyway. Click start - run, type regsur32 wuapi.dll. When you get the dllregisterServer in urlmon.dll succeeded click ok. Went back to WU and worked fine.

noahdfear · 2008/12/16

Glad to hear you got WU fixed, and what worked. Hope to get good news on the Java issue too. I'll stay tuned.

Log in or Sign up

Solved Java not working, cannot access Windows Update

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

DugE Well-Known Member Thread Starter

noahdfear Inactive

Share This Page

Log in or Sign up

Solved Java not working, cannot access Windows Update

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

DugE Well-Known Member Thread Starter

noahdfear Inactive

DugE Well-Known Member Thread Starter

DugE Well-Known Member Thread Starter

noahdfear Inactive

Share This Page

Useful Searches