Help needed |
coconut
Senior Member
Joined: 05 January 2007 Online Status: Offline Posts: 557 |
Topic: Help needed
Posted: 08 December 2007 at 10:35am
Boot into Recovery Console or BartPE to verify jswmidin is gone and not just hidden. While the rest of your log seems clean, there may be some things hidden from Autoruns. Again, a check within BartPE would be best.
Truls88
Newbie
Joined: 06 December 2007 Location: United States Online Status: Offline Posts: 4 |
Posted: 08 December 2007 at 3:18am
I uploaded ip6fw and no problem there, couldn't find jswmidin on my system.
Truls88
Newbie
Joined: 06 December 2007 Location: United States Online Status: Offline Posts: 4 |
Posted: 08 December 2007 at 2:52am
This is the Home version of XP Service Pack 2.
coconut
Senior Member
Joined: 05 January 2007 Online Status: Offline Posts: 557 |
Posted: 07 December 2007 at 10:56am
+ Ip6Fw Provides intrusion prevention service for a home or small office network. (Not verified) Microsoft Corporation c:\windows\system32\drivers\ip6fw.sys
+ jswmidin File not found: C:\windows\System32\Drivers\jswmidin.sys
are malware. Uncheck them, reboot, and rescan with Autoruns to verify they didn't "come back". I find it strange that so many MS entries are "not verified" and, from what I see, should be verified. What version of XP is this?
There are also a couple of other entries that, while not malware, seem to be related to CD copy protection, and I've seen some forums report they have caused stability issues.
Edit: it seems there may be a legit version of ip6fw.sys, although there are plenty of references to a rootkit with that name and path. It is best to upload that file (if it is visible in Explorer) to VirusTotal and VirSCAN for better analysis.
Edited by coconut - 07 December 2007 at 7:43pm
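The checks coconut describes in the post above, as an added example that is not part of the original thread: Python that parses entry lines in the flattened form quoted there, lists any "File not found" target and any unverified `.sys` driver for follow-up, and reports when so many Microsoft entries are "Not verified" that the flag cannot single out a file. The function names, the 80% threshold and the `HKLM\System\CurrentControlSet\Services` location in the constructed sample are assumptions.

```python
import re

# Constructed sample: entry lines copied from or modelled on this thread,
# flattened the way the forum pasted them. The Services key is an assumed
# location for the two driver entries.
SAMPLE_LOG = (
    r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "
    r"+ BDAgent BDAgent Application (Not verified) SOFTWIN S.R.L. "
    r"c:\program files\softwin\bitdefender10\bdagent.exe "
    r"+ ZoneAlarm Client ZoneAlarm Client (Verified) Check Point Software "
    r"Technologies Ltd. c:\program files\zone labs\zonealarm\zlclient.exe "
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run "
    r"+ ctfmon.exe CTF Loader (Not verified) Microsoft Corporation "
    r"c:\windows\system32\ctfmon.exe "
    r"HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "
    r"+ GDI+ file thumbnail extractor Windows Picture and Fax Viewer "
    r"(Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll "
    r"HKLM\System\CurrentControlSet\Services "
    r"+ Ip6Fw Provides intrusion prevention service for a home or small "
    r"office network. (Not verified) Microsoft Corporation "
    r"c:\windows\system32\drivers\ip6fw.sys "
    r"+ jswmidin File not found: C:\windows\System32\Drivers\jswmidin.sys"
)

# An entry starts at a "+" that follows whitespace, so "GDI+ file" is not split.
ENTRY_SPLIT = re.compile(r"(?:^|\s)\+\s+")
# A registry key trailing an entry is the location of the entries that follow.
NEXT_KEY = re.compile(r"\s(HK(?:LM|CU|CR|U)\\.*)$")
MISSING = re.compile(r"^(?P<label>.*?)\s*File not found:\s*(?P<path>.*)$")
SIGNED = re.compile(
    r"^(?P<label>.*?)\s*\((?P<status>Verified|Not verified)\)\s*(?P<rest>.*)$")
PATH = re.compile(r"^(?P<publisher>.*?)\s*(?P<path>[A-Za-z]:\\.*)$")


def parse_autoruns(text):
    """Parse a flattened Autoruns paste into a list of entry dicts."""
    segments = ENTRY_SPLIT.split(" ".join(text.split()))
    location = segments[0].strip()
    entries = []
    for seg in segments[1:]:
        next_location = None
        key = NEXT_KEY.search(seg)
        if key:
            next_location = key.group(1).strip()
            seg = seg[:key.start()]
        seg = seg.strip()
        entry = {"location": location, "label": seg, "status": "unknown",
                 "publisher": "", "path": ""}
        missing, signed = MISSING.match(seg), SIGNED.match(seg)
        if missing:
            entry.update(label=missing["label"], status="missing",
                         path=missing["path"])
        elif signed:
            entry.update(label=signed["label"], status=signed["status"])
            rest = PATH.match(signed["rest"])
            if rest:
                entry.update(publisher=rest["publisher"], path=rest["path"])
        else:
            # No signature column at all, e.g. "WinRAR shell extension c:\..."
            rest = PATH.match(seg)
            if rest:
                entry.update(label=rest["publisher"], path=rest["path"])
        entries.append(entry)
        if next_location:
            location = next_location
    return entries


def triage(entries):
    """Return (findings, verify_flag_is_noise) for parsed entries."""
    microsoft = [e for e in entries
                 if e["publisher"].lower().startswith("microsoft")]
    unverified = [e for e in microsoft if e["status"] == "Not verified"]
    # Assumed threshold: if at least 80% of Microsoft entries are unverified,
    # the flag says more about signature checking on this machine than about
    # any one file, so it is not used to pick entries out.
    verify_flag_is_noise = (len(microsoft) >= 3
                            and len(unverified) / len(microsoft) >= 0.8)
    findings = []
    for e in entries:
        is_driver = e["path"].lower().endswith(".sys")
        if e["status"] == "missing":
            findings.append((e["label"],
                             "target not visible: confirm from an offline boot"))
        elif e["status"] == "Not verified" and is_driver:
            findings.append((e["label"],
                             "unverified kernel driver: submit file for scanning"))
        elif e in unverified and not verify_flag_is_noise:
            findings.append((e["label"],
                             "Microsoft publisher but unverified: submit file"))
    return findings, verify_flag_is_noise


if __name__ == "__main__":
    found, noisy = triage(parse_autoruns(SAMPLE_LOG))
    print("verify flag unreliable on this system:", noisy)
    for label, reason in found:
        print(f"- {label}: {reason}")
```
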
Truls88
Newbie
Joined: 06 December 2007 Location: United States Online Status: Offline Posts: 4 |
Posted: 07 December 2007 at 12:27am
c:\program files\winzip\wzshlstb.dll HKLM\Software\Classes\Folder\Shellex\ColumnHandlers + PDF Shell Extension PDF Shell Extension (Not verified) Adobe Systems, Inc. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll + {0D2E74C4-3C34-11d2-A27E-00C04FC30871} Windows Shell Common Dll (Not verified) Microsoft Corporation c:\windows\system32\shell32.dll + {24F14F01-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll (Not verified) Microsoft Corporation c:\windows\system32\shell32.dll + {24F14F02-7B1C-11d1-838f-0000F80461CF} Windows Shell Common Dll (Not verified) Microsoft Corporation c:\windows\system32\shell32.dll + {66742402-F9B9-11D1-A202-0000F81FEDEE} Windows Shell Common Dll (Not verified) Microsoft Corporation c:\windows\system32\shell32.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects + Adobe PDF Reader Link Helper Adobe Acrobat IE Helper Version 7.0 for ActiveX (Verified) Adobe Systems, Incorporated c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll + NTIECatcher Class Net Transport IE Helper Module (Not verified) Xi c:\program files\xi\nettransport 2\ntiehelper.dll HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks + ieframe.dll Internet Explorer (Not verified) Microsoft Corporation c:\windows\system32\ieframe.dll HKLM\Software\Microsoft\Internet Explorer\Extensions + @xpsp3res.dll,-20001 Network Diagnostic for Windows XP (Not verified) Microsoft Corporation c:\windows\network diagnostic\xpnetdiag.exe + Define c:\program files\common files\microsoft shared\reference 2001\a\ers_def.htm + Encarta Encyclopedia c:\program files\common files\microsoft shared\reference 2001\a\ers_enc.htm Task Scheduler + AppleSoftwareUpdate.job Software Application (Verified) Apple Computer, Inc. c:\program files\apple software update\softwareupdate.exe HKLM\System\CurrentControlSet\Services + AudioSrv Manages audio devices for Windows-based programs. 
If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\audiosrv.dll + bdss Scans media for viruses and other security threats c:\program files\common files\softwin\bitdefender scan server\bdss.exe + CryptSvc Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\cryptsvc.dll + DcomLaunch Provides launch functionality for DCOM services. (Not verified) Microsoft Corporation c:\windows\system32\rpcss.dll + Dhcp Manages network configuration by registering and updating IP addresses and DNS names. (Not verified) Microsoft Corporation c:\windows\system32\dhcpcsvc.dll + Eventlog Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. (Not verified) Microsoft Corporation c:\windows\system32\services.exe + helpsvc Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\pchealth\helpctr\binaries\pchsvc.dll + HidServ Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. 
If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\hidserv.dll + lanmanserver Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\srvsvc.dll + lanmanworkstation Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\wkssvc.dll + LIVESRV Downloads BitDefender updates and new malware signatures from the Internet (Not verified) SOFTWIN S.R.L. c:\program files\common files\softwin\bitdefender update service\livesrv.exe + LmHosts Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. (Not verified) Microsoft Corporation c:\windows\system32\lmhsvc.dll + NVSvc Provides system and desktop level support to the NVIDIA display driver (Not verified) NVIDIA Corporation c:\windows\system32\nvsvc32.exe + PlugPlay Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. (Not verified) Microsoft Corporation c:\windows\system32\services.exe + PnkBstrA PunkBuster Service Component [v1029] http://www.evenbalance.com (Verified) Even Balance, Inc. c:\windows\system32\pnkbstra.exe + PolicyAgent Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. 
(Not verified) Microsoft Corporation c:\windows\system32\lsass.exe + RoxLiveShare10 Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9. (Verified) Sonic Solutions c:\program files\common files\roxio shared\10.0\sharedcom\roxliveshare10.exe + RpcSs Provides the endpoint mapper and other miscellaneous RPC services. (Not verified) Microsoft Corporation c:\windows\system32\rpcss.dll + SamSs Stores security information for local user accounts. (Not verified) Microsoft Corporation c:\windows\system32\lsass.exe + SBCSSvc Manages your antispyware application (Verified) SUNBELT SOFTWARE DISTRIBUTION c:\program files\sunbelt software\counterspy\sbcssvc.exe + Schedule Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\schedsvc.dll + sdAuxService Provides auxiliary Spyware Doctor services. If this service is disabled spyware protection will be reduced. (Verified) PC Tools c:\program files\spyware doctor\svcntaux.exe + sdCoreService Provides spyware and malware protection for the system. If this service is disabled spyware protection will be disabled. (Verified) PC Tools c:\program files\spyware doctor\swdsvc.exe + SENS Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. (Not verified) Microsoft Corporation c:\windows\system32\sens.dll + SharedAccess Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. 
(Not verified) Microsoft Corporation c:\windows\system32\ipnathlp.dll + ShellHWDetection Windows Shell Services Dll (Not verified) Microsoft Corporation c:\windows\system32\shsvcs.dll + Spooler Loads files to memory for later printing. (Not verified) Microsoft Corporation c:\windows\system32\spoolsv.exe + srservice Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties (Not verified) Microsoft Corporation c:\windows\system32\srsvc.dll + StiSvc Provides image acquisition services for scanners and cameras. (Not verified) Microsoft Corporation c:\windows\system32\wiaservc.dll + vsmon Monitors internet traffic and generates alerts for disallowed access. (Verified) Check Point Software Technologies Ltd. c:\windows\system32\zonelabs\vsmon.exe + VSSERV Scans media for viruses and other security threats (Not verified) SOFTWIN S.R.L. c:\program files\softwin\bitdefender10\vsserv.exe + W32Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\w32time.dll + winmgmt Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\wbem\wmisvc.dll + WMDM PMSP Service WMDM PMSP Service (Not verified) Microsoft Corporation c:\windows\system32\mspmspsv.exe + wuauserv Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. 
(Not verified) Microsoft Corporation c:\windows\system32\wuauserv.dll + XCOMM Ensures proper communication between BitDefender components (Not verified) SOFTWIN S.R.L c:\program files\common files\softwin\bitdefender communicator\xcommsvr.exe HKLM\System\CurrentControlSet\Services + ac97intc Intel(r) Integrated Controller Hub Audio Driver (Not verified) Intel Corporation c:\windows\system32\drivers\ac97intc.sys + ACPI ACPI Driver for NT (Not verified) Microsoft Corporation c:\windows\system32\drivers\acpi.sys + aec Microsoft Acoustic Echo Canceller (Not verified) Microsoft Corporation c:\windows\system32\drivers\aec.sys + AFD AFD Networking Support Environment (Not verified) Microsoft Corporation c:\windows\system32\drivers\afd.sys + agp440 440 NT AGP Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\agp440.sys + Arp1394 1394 ARP Client Protocol (Not verified) Microsoft Corporation c:\windows\system32\drivers\arp1394.sys + Aspi32 ASPI for WIN32 Kernel Driver (Not verified) Adaptec c:\windows\system32\drivers\aspi32.sys + AsyncMac RAS Asynchronous Media Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\asyncmac.sys + atapi IDE/ATAPI Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\atapi.sys + Atmarpc ATM ARP Client Protocol (Not verified) Microsoft Corporation c:\windows\system32\drivers\atmarpc.sys + audstub AudStub Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\audstub.sys + AVG Anti-Spyware Driver (Verified) GRISOFT LTD c:\program files\grisoft\avg anti-spyware 7.5\guard.sys + AvgAsCln AVG7 Clean Driver (Not verified) GRISOFT, s.r.o. 
c:\windows\system32\drivers\avgascln.sys + basic2 NTRksample driver (Not verified) Conexant Systems c:\windows\system32\drivers\basic2.sys + bdfdll c:\program files\softwin\bitdefender10\bdfdll.sys + BDFSDRV c:\program files\softwin\bitdefender10\bdfsdrv.sys + bdpredir BitDefender Proxy Redirector Driver (Not verified) Softwin SRL c:\program files\softwin\bitdefender10\bdpredir.sys + BDRSDRV c:\program files\softwin\bitdefender10\bdrsdrv.sys + Beep BEEP Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\beep.sys + bvrp_pci c:\windows\system32\drivers\bvrp_pci.sys + CCDECODE WDM Closed Caption VBI Codec (Not verified) Microsoft Corporation c:\windows\system32\drivers\ccdecode.sys + Cdaudio CD-ROM Audio Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\cdaudio.sys + Cdr4_xp CDR4 CD and DVD Place Holder Driver (see PxHelp) (Verified) Sonic Solutions c:\windows\system32\drivers\cdr4_xp.sys + Cdrom SCSI CD-ROM Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\cdrom.sys + cdudf_xp CD-UDF NT Filesystem Driver (Not verified) Sonic Solutions c:\windows\system32\drivers\cdudf_xp.sys + Changer File not found: C:\windows\System32\Drivers\Changer.sys + Cinemsup SW CineMaster Support (Not verified) Sonic Solutions c:\windows\system32\drivers\cinemsup.sys + ctac32k Creative AC3 SW Decoder Device Driver (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\ctac32k.sys + ctaud2k Creative WDM Audio Device Driver (Not verified) Creative Technology Ltd c:\windows\system32\drivers\ctaud2k.sys + ctdvda2k Creative DVD-Audio Device Driver (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\ctdvda2k.sys + ctljystk Creative Joyport Enabler (Not verified) Creative Technology Ltd. 
c:\windows\system32\drivers\ctljystk.sys + ctprxy2k Creative Proxy Device Driver (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\ctprxy2k.sys + ctsfm2k SoundFont(R) Manager (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\ctsfm2k.sys + Disk PnP Disk Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\disk.sys + DMusic Microsoft Kernel DLS Synthesizer (Not verified) Microsoft Corporation c:\windows\system32\drivers\dmusic.sys + drmkaud Microsoft Kernel DRM Audio Descrambler Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\drmkaud.sys + drvmcdb Device Driver (Not verified) Sonic Solutions c:\windows\system32\drivers\drvmcdb.sys + dtscsi c:\windows\system32\drivers\dtscsi.sys + dvd_2K DVD-RAM AddOn Driver (Not verified) Sonic Solutions c:\windows\system32\drivers\dvd_2k.sys + E100B Intel(R) PRO/100 Adapter NDIS 5.1 driver (Not verified) Intel Corporation c:\windows\system32\drivers\e100b325.sys + EL90XBC 3Com EtherLink PCI Driver (Not verified) 3Com Corporation c:\windows\system32\drivers\el90xbc5.sys + emu10k Creative SB Live! Adapter Driver (Not verified) Creative Technology Ltd. c:\windows\system32\drivers\emu10k1m.sys + emu10k1 Creative SB Live! Interface Driver (Not verified) Creative Technology Ltd. 
c:\windows\system32\drivers\ctlfacem.sys + emupia E-mu Plug-in Architecture Driver (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\emupia2k.sys + enodpl c:\windows\system32\drivers\enodpl.sys + ENTECH PowerStrip support NT kernel-mode driver (Not verified) EnTech Taiwan c:\windows\system32\drivers\entech.sys + EraserUtilRebootDrv File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys + Fallback Fallback driver (Not verified) Conexant Systems c:\windows\system32\drivers\fallback.sys + Fdc Floppy Disk Controller Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\fdc.sys + Fips FIPS Crypto Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\fips.sys + Flpydisk Floppy Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\flpydisk.sys + FltMgr File System Filter Manager Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\fltmgr.sys + Fsks FSKsNT driver (Not verified) Conexant Systems c:\windows\system32\drivers\fsksnt.sys + Ftdisk FT Disk Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ftdisk.sys + gameenum Game Port Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\gameenum.sys + GEARAspiWDM CD/DVD Class Filter Driver (Verified) GEAR Software Inc. 
c:\windows\system32\drivers\gearaspiwdm.sys + Gpc Generic Packet Classifier (Not verified) Microsoft Corporation c:\windows\system32\drivers\msgpc.sys + ha10kx2k Creative EMU10KX HAL (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\ha10kx2k.sys + hap16v2k Creative EMU10KX-P16v HAL (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\hap16v2k.sys + hap17v2k Creative EMU10KX-P17v HAL (WDM) (Not verified) Creative Technology Ltd c:\windows\system32\drivers\hap17v2k.sys + hidgame HidGame Library (Not verified) Microsoft Corporation c:\windows\system32\drivers\hidgame.sys + HidUsb USB Miniport Driver for Input Devices (Not verified) Microsoft Corporation c:\windows\system32\drivers\hidusb.sys + hsf_msft WinACHSF driver (Not verified) Conexant c:\windows\system32\drivers\hsf_msft.sys + HTTP This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\drivers\http.sys + i2omgmt I2O Utility Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\i2omgmt.sys + i8042prt i8042 Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\i8042prt.sys + IFPUSB iriver Internet Audio Player IFP-100 (Not verified) iRiver, Inc. 
c:\windows\system32\drivers\ifpusb.sys + IKFileSec File Security Device Driver (Verified) PC Tools c:\windows\system32\drivers\ikfilesec.sys + IKSysFlt System Filter Device Driver (Verified) PC Tools c:\windows\system32\drivers\iksysflt.sys + IKSysSec System Security Device Driver (Verified) PC Tools c:\windows\system32\drivers\iksyssec.sys + Imapi IMAPI Kernel Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\imapi.sys + IntelIde Intel PCI IDE Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\intelide.sys + intelppm Processor Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\intelppm.sys + Ip6Fw Provides intrusion prevention service for a home or small office network. (Not verified) Microsoft Corporation c:\windows\system32\drivers\ip6fw.sys + IPFilter Microsoft IntelliPoint (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipfilter.sys + IpFilterDriver IP Traffic Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipfltdrv.sys + IpInIp IP in IP Tunnel Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipinip.sys + IpNat IP Network Address Translator (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipnat.sys + IPSec IPSEC driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipsec.sys + IRENUM Infra-Red Bus Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\irenum.sys + isapnp PNP ISA Bus Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\isapnp.sys + jswmidin File not found: C:\windows\System32\Drivers\jswmidin.sys + K56 K56NT driver (Not verified) Conexant Systems c:\windows\system32\drivers\k56nt.sys + Kbdclass Keyboard Class Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\kbdclass.sys + kbdhid HID Mouse Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\kbdhid.sys + kmixer Kernel Mode Audio Mixer 
(Not verified) Microsoft Corporation c:\windows\system32\drivers\kmixer.sys + KSecDD Kernel Security Support Provider Interface (Not verified) Microsoft Corporation c:\windows\system32\drivers\ksecdd.sys + kxwdmdrv kX Audio Driver (Not verified) Eugene Gavrilov c:\windows\system32\drivers\kx.sys + lbrtfdc File not found: C:\windows\System32\Drivers\lbrtfdc.sys + m4cxw2k3 NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller (Not verified) D-Link Corporation c:\windows\system32\drivers\m4cxw2k3.sys + mcdbus MagicISO SCSI Host Controller (Not verified) MagicISO, Inc. c:\windows\system32\drivers\mcdbus.sys + mmc_2K CD-R/RW AddOn MMC Driver (W2K) (Not verified) Sonic Solutions c:\windows\system32\drivers\mmc_2k.sys + mnmdd Frame buffer simulator (Not verified) Microsoft Corporation c:\windows\system32\drivers\mnmdd.sys + Modem Modem Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\modem.sys + MODEMCSA Unimodem CSA Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\modemcsa.sys + Mouclass Mouse Class Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mouclass.sys + mouhid HID Mouse Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mouhid.sys + MountMgr Mount Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\mountmgr.sys + MRxDAV WebDav Client Redirector (Not verified) Microsoft Corporation c:\windows\system32\drivers\mrxdav.sys + MRxSmb MRXSMB (Not verified) Microsoft Corporation c:\windows\system32\drivers\mrxsmb.sys + Msfs Mailslot driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\msfs.sys + MSKSSRV MS KS Server (Not verified) Microsoft Corporation c:\windows\system32\drivers\mskssrv.sys + MSPCLOCK MS Proxy Clock (Not verified) Microsoft Corporation c:\windows\system32\drivers\mspclock.sys + MSPQM MS Proxy Quality Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\mspqm.sys + mssmbios 
System Management BIOS Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mssmbios.sys + MSTEE WDM Tee/Communication Transform Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\mstee.sys + MTK MTK Driver (Not verified) MediaTek Corporation c:\windows\system32\drivers\fide.sys + Mup Multiple UNC Provider driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mup.sys + NABTSFEC WDM NABTS/FEC VBI Codec (Not verified) Microsoft Corporation c:\windows\system32\drivers\nabtsfec.sys + NDIS NDIS 5.1 wrapper driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndis.sys + NdisIP Microsoft IP Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndisip.sys + NdisTapi Remote Access NDIS TAPI Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndistapi.sys + Ndisuio NDIS Usermode I/O Protocol (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndisuio.sys + NdisWan Remote Access NDIS WAN Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndiswan.sys + NDProxy NDIS Proxy (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndproxy.sys + NetBIOS NetBIOS Interface (Not verified) Microsoft Corporation c:\windows\system32\drivers\netbios.sys + NetBT NetBios over Tcpip (Not verified) Microsoft Corporation c:\windows\system32\drivers\netbt.sys + NIC1394 IEEE1394 Ndis Miniport and Call Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\nic1394.sys + Npfs NPFS Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\npfs.sys + Null NULL Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\null.sys + nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 163.71 (Not verified) NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys + nvtvSND File not found: System32\DRIVERS\nvtvsnd.sys + NwlnkFlt IPX Traffic Filter Driver (Not verified) Microsoft Corporation 
c:\windows\system32\drivers\nwlnkflt.sys + NwlnkFwd IPX Traffic Forwarder Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\nwlnkfwd.sys + ohci1394 1394 OpenHCI Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ohci1394.sys + ossrv Creative OS Services Driver (WDM) (Not verified) Creative Technology Ltd. c:\windows\system32\drivers\ctoss2k.sys + ousb2hub USB 2.0 Hub Driver (Not verified) OrangeWare Corporation c:\windows\system32\drivers\ousb2hub.sys + ousbehci USB 2.0 Enhanced Host Controller Driver (Not verified) OrangeWare Corporation c:\windows\system32\drivers\ousbehci.sys + P3 Processor Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\p3.sys + Parport Parallel Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\parport.sys + PartMgr Partition Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\partmgr.sys + ParVdm VDM Parallel Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\parvdm.sys + PCI NT Plug and Play PCI Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\pci.sys + PCIDump File not found: C:\windows\System32\Drivers\PCIDump.sys + pcouffin low level access layer for CD/DVD/BD devices (Not verified) VSO Software c:\windows\system32\drivers\pcouffin.sys + PDCOMP File not found: C:\windows\System32\Drivers\PDCOMP.sys + PDFRAME File not found: C:\windows\System32\Drivers\PDFRAME.sys + PDRELI File not found: C:\windows\System32\Drivers\PDRELI.sys + PDRFRAME File not found: C:\windows\System32\Drivers\PDRFRAME.sys + PfDetNT PCI/ISA Device Info. Service (Not verified) Creative Technology Ltd. 
|
|
|
coconut
Senior Member
Joined: 05 January 2007 Online Status: Offline Posts: 557 |
Posted: 06 December 2007 at 7:24pm |
|
C:\Documents and Settings\Dan\Desktop\sdstart.exe
C:\RECYCLER\S-1-5-21-1163395192-1741428164-3652652152-1006\Dc14.exe
indeed look suspicious. the only reference to sdstart i could find leads to pctools.com and dc14.exe turns up a couple anti-spyware forums, nothing concrete.
please download autoruns from here at sysinternals. set options to verify signatures and hide ms signed entries, and post log here
|
|
|
Truls88
Newbie
Joined: 06 December 2007 Location: United States Online Status: Offline Posts: 4 |
Posted: 06 December 2007 at 4:51pm |
|
i am new to this and need some help.
Thanks |
|