Thread: Problems with first steps
View Single Post
Old 03-13-2009, 10:43 PM   #3 (permalink)
Vesh Wolf
Registered User
 
Join Date: Mar 2009
Posts: 20
OS: XP


Re: Problems with first steps
DDS (Ver_09-02-01.01) - NTFSx86
Run by HP_Administrator at 16:31:35.05 on Tue 03/10/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.118 [GMT -4:00]

AV: AVG 7.5.557 *On-access scanning enabled* (Updated)
FW: Sygate Personal Firewall Pro *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\xampp\apache\bin\apache.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\xampp\mysql\bin\mysqld-nt.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\xampp\apache\bin\apache.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Computer Lock Up\CompLockUp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Desktop Architect\datray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.pogo.com/home/home.do
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://www.incredimail.com/page.asp?page=reg_success&lang=9&version=5202407&setup_id=7&aff_id=101&addon=IncrediMail
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://as.weatherstudio.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDFaDWeHPPJB7LTDJIsV0lCTWxW9ld6xHZuTN05d6FRcMztRuXIiFKrWRpNFs8RXD9yBFUK1czfn/7jBwTQgM7GKVBqmYW41Gwg/uG7vweo7H5xjsfysb/04vXPebgqoulxUdrRres90Y5fkdURfvzIg==
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn2\yt.dll
uURLSearchHooks: Twisted Raiders Toolbar: {2f6cbe35-fc01-455c-ad66-d44cdd87cee5} - c:\program files\twisted_raiders\tbTwi1.dll
uURLSearchHooks: darkavalon.us Toolbar: {928afffe-5c8e-45ee-90ba-4695bb7e55e7} - c:\program files\darkavalon.us\tbdar1.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn2\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Twisted Raiders Toolbar: {2f6cbe35-fc01-455c-ad66-d44cdd87cee5} - c:\program files\twisted_raiders\tbTwi1.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: darkavalon.us Toolbar: {928afffe-5c8e-45ee-90ba-4695bb7e55e7} - c:\program files\darkavalon.us\tbdar1.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
BHO: {FFDD804F-A7F8-4395-93D2-66A85DA2BDAB} - No File
TB: {15757333-2BCA-4B77-A807-D0955132F812} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn2\yt.dll
TB: Twisted Raiders Toolbar: {2f6cbe35-fc01-455c-ad66-d44cdd87cee5} - c:\program files\twisted_raiders\tbTwi1.dll
TB: darkavalon.us Toolbar: {928afffe-5c8e-45ee-90ba-4695bb7e55e7} - c:\program files\darkavalon.us\tbdar1.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: Burn4Free Toolbar: {55faf0f2-44d4-425f-b5f5-6b275b621eab} -
EB: MasterCook Bar: {c92041c1-6d22-4069-ba0e-66246aa752b0} - c:\windows\system32\shdocvw.dll
uRun: [Computer Lock Up] c:\program files\computer lock up\CompLockUp.exe
uRun: [UnHackMe Monitor] c:\program files\unhackme\hackmon.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Pando] "c:\program files\pando networks\pando\Pando.exe" /Minimized
uRun: [Desktop Architect] "c:\program files\desktop architect\datray.exe" -S
uRun: [Window Washer] c:\program files\webroot\washer\wwDisp.exe
uRun: [calnique] c:\program files\calnique\calnique.exe
uRun: [Calnique Alarm Clock] c:\program files\calnique\extras\alarmclock.exe
uRun: [DW6]
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Weather Clock]
uRun: [WeatherClock] c:\program files\weather clock\WeatherClock.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [DISCover] c:\program files\disc\DISCover.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SmcService] c:\progra~1\sygate\spf\smc.exe -startgui
mRun: [AVG7_CC] c:\progra~1\grisoft\avg7\avgcc.exe /STARTUP
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PC Pitstop Optimize Reminder] c:\program files\pcpitstop\optimize2\Reminder.exe
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\lunaba~1.lnk - c:\program files\lunabar\Lunabar.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.4\program\quickstart.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\webshots.lnk - f:\program files\webshots\Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
uPolicies-system: NoDispBackgroundPage = 1 (0x1)
IE: &Add animation to IncrediMail Style Box - c:\program files\incredimail\bin\resources\WebMenuImg.htm
IE: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxpt141YYUS
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: MasterCook: Select Image - c:\program files\mastercook 9\web\MCIEContext.hta
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\hp_administrator\start menu\programs\imvu\Run IMVU.lnk
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0} - c:\windows\system32\shdocvw.dll
Trusted Zone: moove.com
Trusted Zone: trymedia.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://activation.rr.com/install/downloads/tgctlcm.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://download-games.pogo.com/online2/pogop/mahjong_escape_ancient_japan/SpinTopGamesLauncher.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\ip9ybdob.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1397988&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.pogo.com/home/home.do
FF - component: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\ip9ybdob.default\extensions\{928afffe-5c8e-45ee-90ba-4695bb7e55e7}\components\FFAlert.dll
FF - component: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\ip9ybdob.default\extensions\{fd0da580-5b4d-456a-89ad-880d05662db3}\components\FFAlert.dll
FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\ip9ybdob.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp07076007.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ksolo\npAVX.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAbacheck.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkanevapatch.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2007-10-17 821856]
R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2007-10-17 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2007-10-17 27776]
R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2007-10-17 10760]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-6-14 17408]
R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe [2007-10-17 418816]
R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe [2007-10-17 49664]
R2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe [2007-10-17 406528]
R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2007-10-17 4960]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbguard.exe -s defaultinstance --> c:\program files\firebird\firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [2009-2-12 40576]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbserver.exe -s defaultinstance --> c:\program files\firebird\firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]
R3 keybmon;keybmon;c:\windows\system32\drivers\keybmon.sys [2007-9-16 4934]
R3 mousmon;mousmon;c:\windows\system32\drivers\mousmon.sys [2007-9-16 3491]
S0 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2007-10-28 31170]
S2 ICron;ICron;c:\cron\ICronService.exe [2000-5-28 341504]
S3 ONSREGED;ONSREGED;c:\windows\system32\drivers\ONSREGED.SYS [2006-7-26 7680]
S3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2005-9-8 21120]
S4 vsdatant;vsdatant; [x]

============== File Associations ===============

regfile="regedit.exe" "%1"

=============== Created Last 30 ================

2009-03-05 07:22 <DIR> --d----- c:\program files\Weather Clock
2009-03-03 05:15 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\SerpentOfIsis
2009-03-03 05:09 <DIR> --d----- c:\program files\games
2009-03-02 12:30 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\GigaTribe
2009-03-02 12:29 <DIR> --d----- c:\program files\GigaTribe
2009-02-22 01:06 61,440 a------- c:\windows\uninstall.exe
2009-02-21 07:58 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\mIRC
2009-02-21 07:58 <DIR> --d----- c:\program files\mIRC
2009-02-18 16:57 <DIR> --d----- C:\spoolerlogs
2009-02-17 22:59 2,938 a------- c:\windows\system32\b4413c42bb.ax
2009-02-17 22:52 27,136 a------- c:\windows\system32\lspiho.dll
2009-02-16 21:02 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\QQ Games Plugin
2009-02-16 21:00 <DIR> --d----- c:\program files\Tencent
2009-02-16 21:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Tencent
2009-02-16 20:59 <DIR> --d----- c:\program files\AIMTunes
2009-02-16 20:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\acccore
2009-02-12 01:06 40,576 a------- c:\windows\system32\drivers\vrtaucbl.sys
2009-02-12 01:06 <DIR> --d----- c:\program files\Virtual Audio Cable
2009-02-09 19:58 249,856 a------- c:\windows\Sweetheart.scr
2009-02-09 19:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Softdisk LLC

==================== Find3M ====================

2009-02-21 23:51 509 a------- c:\program files\Shortcut to Weather Pulse.lnk
2009-02-12 00:32 31,744 a------- c:\windows\system32\avc2av.dll
2009-01-16 22:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-19 05:10 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 05:10 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 01:25 634,024 a------- c:\windows\system32\dllcache\iexplore.exe
2008-12-19 01:23 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2008-12-11 06:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-03-04 22:12 0 a------- c:\program files\temp01
2004-09-28 16:22 911,360 a------- c:\program files\enhancer.8bf
2004-08-06 13:44 1,023,488 a------- c:\program files\Stamp.8bf
2004-07-06 16:07 657,408 a------- c:\program files\Chameleon.8bf
2004-07-01 21:50 881,664 a------- c:\program files\Retoucher.8bf
2007-10-28 07:53 2 a--shrot c:\windows\winstart.bat
2006-11-04 15:00 88 ---shr-- c:\windows\system32\32DB8F4B65.sys
2006-11-04 20:18 2,516 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-08-18 05:03 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008081820080819\index.dat

============= FINISH: 16:31:46.63 ===============
Attached Files
File Type: txt Attach.txt (15.2 KB, 2 views)
File Type: txt rootrepeal.txt (3.8 KB, 5 views)
Vesh Wolf is offline